[英]Why does secondary subdomain for Discourse in AWS fail?
I have a domain for a public-facing static website that loads fine whether it's entered into the browser as example.com
, http://example.com
, or https://example.com
. I have a domain for a public-facing static website that loads fine whether it's entered into the browser as example.com
, http://example.com
, or https://example.com
.
I have a private (accessible by login) subdomain for a Discourse forum that loads fine whether it's entered into the browser as discourse.example.com
, http://discourse.example.com
, or https://discourse.example.com
. I have a private (accessible by login) subdomain for a Discourse forum that loads fine whether it's entered into the browser as discourse.example.com
, http://discourse.example.com
, or https://discourse.example.com
.
The subdomain for Discourse is achieved by addition of a record to the AWS Route 53 hosted zone: Discourse 的子域是通过向 AWS Route 53 托管区域添加记录来实现的:
Record name: discourse.example.com记录名称:discourse.example.com
Record type: A记录类型:A
Value: 123.45.678.90值:123.45.678.90
Alias: No别名:无
TTL: 300生存时间:300
Routing policy: Simple路由策略:简单
I'd like to provide a shorter alternative/secondary subdomain for Discourse.我想为 Discourse 提供一个较短的替代/辅助子域。 So I added another record, nearly same as the prior, only with the record name changed from discourse.example.com
to d.example.com
.所以我添加了另一条记录,几乎与之前相同,只是记录名称从discourse.example.com
更改为d.example.com
。
Strangely, this works in HTTP, but in HTTPS the browser warns:奇怪的是,这在 HTTP 中有效,但在 HTTPS 中,浏览器警告:
Your connection is not private你的连接不是私人的
Attackers might be trying to steal your information from d.example.com (for example, passwords, messages, or credit cards).攻击者可能试图从 d.example.com 窃取您的信息(例如,密码、消息或信用卡)。
Learn more学到更多
NET::ERR_CERT_COMMON_NAME_INVALID NET::ERR_CERT_COMMON_NAME_INVALID
What am I missing?我错过了什么? Should I be going about this a different way?我应该以不同的方式解决这个问题吗?
My AWS Certificate covers example.com
and *.example.com
.我的 AWS 证书涵盖example.com
和*.example.com
。 My CloudFront distribution covers example.com
and d.example.com
.我的 CloudFront 分布涵盖example.com
和d.example.com
。 I have disabled my Amazon CloudFront cache during this configuration temporarily to ensure that's not a factor.我在此配置期间暂时禁用了我的 Amazon CloudFront 缓存,以确保这不是一个因素。
I found a solution:我找到了一个解决方案:
d.example.com
).将其命名为我想要的子域( d.example.com
)。discourse.example.com
).将主机名设置为所需的重定向 URL ( discourse.example.com
)。http://d.example.com.s3-website.aws-region-2.amazonaws.com
). Note its static website hosting bucket website endpoint for later (looks like http://d.example.com.s3-website.aws-region-2.amazonaws.com
).d.example.com
).添加备用/CNAME 作为所需的新子域( d.example.com
)。d
).将记录名称设置为所需的子域 ( d
)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.