简体繁体中英

Cloudfront with ACM managed cert for website that's hosted on external server

原文 2022-05-05 14:33:28 6 1 amazon-web-services/ amazon-cloudfront/ amazon-acm

I have a Route53 hosted zone foo.bar with a couple of CNAME's in there pointing to external IP addresses. For example, a website with domain name myapp.foo.bar is hosted on a Digital Ocean server but the CNAME record is in the route53 hosted zone foo.bar.

I want to use ACM to manage the certificate for *.foo.bar because this would mean I can use DNS validation for automatic renewal.

I've tried to deploy an Application Load Balancer but I can't use external IP's as target. Therefore, I'm looking now into using Cloudfront for solving this issue. Is it possible to attach an ACM managed cert to the Cloudfront distribution and use a DNS origin of which the IP points to an external server? If this is possible, any caveats with respect to this solution?

1 answers

Yes, you can set up CloudFront with an alternative Domain Name - For that you can create the SSL/TLS cert with ACM, and can select your Digital Ocean hosted instance domain name as a target of the CloudFront origin.

CloudFront (custom origin, my-best-domain.com (ssl with ACM)) => Origin (Digital Ocean Domain server domain name (what you already configured with Route 53) - you cannot point to IP address here)

So in nuthshell you cannot manage the SSL/TLS Cert for your Digital Ocean Instance from AWS ACM:(, basically you need to do the SSL/TLS for your droplet/instance seperated from the AWS environment:(

As I am reading the Digital Ocean docs, they almost has the same functionality, it use Let's encrypt and automatically renews on your behalf.

https://docs.digitalocean.com/products/accounts/security/certificates/

S3 static hosted website not working without www. (Namecheap DNS, Cloudfront Distro, ACM SSL Cert)

Static website hosted in AWS S3 and CloudFront

503 error in authentication using Cloudfront and AWS Lambda for S3 hosted website

Import Porkbun TLS cert into AWS ACM

Can't access `domain_validation_options` for ACM cert in Terraform

Unzip file content hosted in s3 to multiple cloudfront url through a single lambda function

Terraform "aws_acm_ceritificate" link with cloudfront cannot be created

How to make an Angular Service Worker recognize new versions of a deployed application in a static-hosted S3 bucket hosted in AWS CloudFront

ALB Timeout when Using Lambda to serve S3-hosted React app through an ALB without cloudfront

Not able to server multiple S3 buckets on a single Cloudfront Distribution

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question S3 static hosted website not working without www. (Namecheap DNS, Cloudfront Distro, ACM SSL Cert) Static website hosted in AWS S3 and CloudFront 503 error in authentication using Cloudfront and AWS Lambda for S3 hosted website Import Porkbun TLS cert into AWS ACM Can't access `domain_validation_options` for ACM cert in Terraform Unzip file content hosted in s3 to multiple cloudfront url through a single lambda function Terraform "aws_acm_ceritificate" link with cloudfront cannot be created How to make an Angular Service Worker recognize new versions of a deployed application in a static-hosted S3 bucket hosted in AWS CloudFront ALB Timeout when Using Lambda to serve S3-hosted React app through an ALB without cloudfront Not able to server multiple S3 buckets on a single Cloudfront Distribution

Related Tags

Cloudfront with ACM managed cert for website that's hosted on external server

Question

1 answers

solution1 0 2022-05-05 17:12:11

solution1
0 2022-05-05 17:12:11