Forum | Really Simple SSL

Playing nice with Amazon S3 bucket and cloudfront

Home Forums General issues Playing nice with Amazon S3 bucket and cloudfront

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #11559
    Chris Walker
    Guest

    My templates and images for my website are on cdns in an amazons3 bucket with cloudfront distribution.

    What doesn’t work is the CDNs I’ve setup with Amazon s3 and cloudfront.
    I continually get net::ERR_INSECURE_RESPONSE on the resources so the theme, js, css, and images don’t load.

    evangelismcoach.org uses W3TC total Cache plugin and it appears to function correctly in terms of putting the template/images/css in the s3 bucket.

    Cloudfront setting in the edit origins:
    SSL Protocols of TLS1 and SSLv3
    Origin Protocol policy: Match Viewer

    I would think that Match Viewer would make the cdn calls https://

    Where can I start looking to make this work correctly?

    #11565
    Rogier
    Keymaster

    Hi,

    Your resources are pulled in through a subdomain, like csslayout.evangelismcoach.org. When you try to reach such a resource directly, you get the following error:

    This server could not prove that it is csslayout.evangelismcoach.org; its security certificate is from *.cloudfront.net. This may be caused by a misconfiguration or an attacker intercepting your connection.

    So the subdomain does not have a valid certificate. I don’t know how these subdomains are inserted, I guess it’s W3TC that replaces your urls to these subdomains. I don’t know in what way you can control these urls, but my guess is you have to choose between
    – changing these urls to a cloudfront.net url, which has a valid cert
    – get a wildcard certificate which covers your subdomains as well.

Viewing 2 posts - 1 through 2 (of 2 total)
  • The topic ‘Playing nice with Amazon S3 bucket and cloudfront’ is closed to new replies.

Subscribe