1
  • I have instantaudiobook.co registered at Name Cheap and pointing to AWS Route 53.
  • I have CloudFront in front of my AWS server (just running
    WordPress).
  • I created an SSL cert in AWS Certificate Manager and associated it with my domain via CloudFront.
  • When I try to access my domain, I get various errors:

Regular HTTP Request To My Domain:

I get a Bad Request/403 error.

enter image description here

Request To The Cloudfront Domain

I get the same 403 error.

enter image description here

HTTPS Request To My Domain

Sometimes I get the same 403 errors. And sometimes I get an Unsupported Protocol error.

enter image description here

  • Based on the SSL certs in Chrome and Safari, the certificate looks OK:

enter image description here enter image description here

  • Certificate Manager Setup: enter image description here

    • Route 53 DNS Setup:

enter image description here

  • ec2 setup:

enter image description here

  • CloudFront Setup: enter image description here

enter image description here

enter image description here

  • Wordpress wp_config:

define('WP_HOME','https://instantaudiobook.co'); define('WP_SITEURL','https://instantaudiobook.co');

Brad Rhoads
  • 79
  • 9
  • Why the -1? Please help me improve the question. – Brad Rhoads Oct 07 '17 at 21:31
  • 1
    My first thought was it only says TLSv1, but a [test](https://sslanalyzer.comodoca.com/?url=instantaudiobook.co) says it supports TLS 1.1 and 1.2. Don't worry about a single downvote, your question looks fine to me. This can be fiddly to get working. I do remember having to define a subdomain "origin.example.com" and setting that as the origin so CloudFront wasn't trying to connect to itself – Tim Oct 07 '17 at 22:14
  • So you are using the same certficate on you AWS instance *and* the CloudFront Frontend? I didn't know this was possible. I'd use the AWS instance via HTTP and let CF do the HTTPS (and the redirect). – bjoster Oct 10 '17 at 12:44
  • I did change the origin settings to use http and point the Public DNS, per the answer. Is that what you mean? – Brad Rhoads Oct 10 '17 at 16:29
  • 2
    "Please help me improve the question." -- well, for starters, there isn't *actually* question posed, as evidenced by the lack of a question mark. – womble Oct 17 '17 at 09:54

1 Answers1

1

Your origin should be pointed to the host. In this example it looks like your origin is pointed to the cloudfront distribution as well. See sample

user1969510
  • 76
  • 1
  • I change the origin to the origin to point to the Public DNS (IPv4) (ec2-54-.....amazonaws.com). And now I get ERR_TOO_MANY_REDIRECTS. – Brad Rhoads Oct 10 '17 at 12:17
  • @Brad, likely wordpress home in configuration table not matching actual host name, or make sure you clear caceh. Chrome Aggressively caches redirects – jdog Oct 10 '17 at 21:32
  • @BradRhoads use the answer from here: [link](https://stackoverflow.com/questions/27193575/wordpress-cloudfront-flexible-ssl-ends-up-in-redirect-loop-https) – user1969510 Oct 11 '17 at 03:27
  • change the header though from X-FORWARDED-PROTO to CLOUDFRONT-FORWARDED-PROTO – user1969510 Oct 11 '17 at 05:38
  • @user1969510 Do you add this line to wp_conf.php: if ($_SERVER['CLOUDFRONT-FORWARDED-PROTO'] == 'https') $_SERVER['HTTPS']='on'; or do you mean something else? I tried that. My current status is that I always get ERR_TOO_MANY_REDIRECTS. – Brad Rhoads Oct 14 '17 at 18:49
  • yes add that config – user1969510 Oct 16 '17 at 04:57