Custom subdomain on Route 53 pointing to cloudfront distribution and s3 static website not working

Question

I'm trying to configure a custom domain name ("test.example.com") transferred to Route 53, pointing towards an S3 static website bucket ("test.example.com"), through the use of a cloudfront distribution ("1111.cloudfront.net") (for the record, I couldn't point the domain toward the S3 bucket directly either). I've got the following settings;

Route 53 record sets:

• A test.example.com (alias = yes) pointing towards: 1111.cloudfront.net
• AAAA test.example.com (alias = yes) pointing towards: 1111.cloudfront.net

Cloudfront distribution:

• Alternate Domain Names (CNAMEs): test.example.com
• IPv6: enabled
• Delivery method: web
• Domain Name: 1111.cloudfront.net
• SSL certificate: *.example.com (registered in us-east-1, I've got a similar one in eu-north-1)
• Origin: test.example.com.s3.amazonaws.com

Certificate manager:

• Domain name: *.example.com
• Additional names: example.com
• Status: issued

The following works:

http://test.example.com.s3-website.eu-north-1.amazonaws.com

http://1111.cloudfront.com

https://1111.cloudfront.com

The following does not work:

http://test.example.com

https://test.example.com

I can't see what I'm missing?

Answer 1

Step 1 :Set Redirection for this --> http://test.example.com to http://1111.cloudfront.co Step 2 :Set Url Masking for this --> http://1111.cloudfront.com (Coding) to actual website

URL Masking Link: https://www.brontobytes.com/knowledgebase/202/htaccess-URL-Masking-Examples.html?language=english&currency=7

I think you explained the in complex form kindly let us know actual content to be displayed (Source) and other pointing urls.

Answer 2

Apparently DNSSEC was activated on the domain. Route 53 does not support DNSSEC. It was a transferred domain, so I could delete the public keys (you can't add, but you can delete keys created with the previous DNS service).