I'm trying to set up Cloudflare for a SaaS platform to offer custom domains to my customers.
My website is hosted on AWS Elastic Beanstalk and uses a CNAME to connect to the Beanstalk server.
I want to provide my customers with subdomains on my website, such as app.customer1.com or test.customer2.com, which resolve to content from any of the avaialble subdomain at *.example.com.
Here is what I did to setup;
Created a fallback origin host.example.com
Added app.customer1.com and test.customer2.com as custom hostname.
Ask my customer to create a new DNS record as app CNAME host.example.com
Created two DNS records on my example.com website - * CNAME host.example.com and host CNAME MY-AWS-ELASTIC-BEANSTALK-URL
However, when I visit app.customer1.com or test.customer2.com, it shows the default Elastic Beanstalk URL instead of content from *.example.com.
I tried changing the customer's DNS record to app CNAME app.example.com, but it still shows the default URL. How can I resolve this issue?
Related
I just configured SSL certificate on a domain that routes to my Elastic Beanstalk ALB.
However, it seems like the SSL lock icon does not show for domains with subdomain other than www.
for example, the lock icons shows for www.myDomain.com and myDomain.com. But it does not show for api.myDomain.com or www.api.myDomain.com.
How I set it up:
I went on AWS Certificate manager and requested for SSL certificate on my domain. Then, I went to Route 53 and created a record alias to my elastic beanstalk load balancer with subdomains of www, ``, and api. I don't know why but only www.myDomain.com and myDomain.com shows the ssl lock, not for api.myDomain.com.
The reason I want to do this is because I want to use api.myDomain.com for my API and myDomain.com for my front end app. Is this best practice?
can anyone help me with this?
I am facing difficulty in serving requests from test.domain.com with the configuration with a combination of AWS Certificate Manager (ACM), AWS EC2 (linux AMI), AWS CloudFront (CF), Google DNS and Apache server.
I have following setup in public_html directory:
I have 2 folders in /var/www/html
prod
test
Objective is to serve requests received from test.domain.com using test directory and the ones received from domain.com using prod directory.
The setup is working fine with acme ssl certificates ie., for production (domain.com), we are using acme SSL certificate and DNS is pointing to Elastic IP and working fine. Even test.domain.com was working
fine with acme ssl setup.
However, I'm trying to switch to ACM. As it works only with CF and ELB (AWS Elastic Load Balancer), created a CF distribution.
Created one CloudFront (CF) distribution pointing to AWS EC2 endpoint with Origin path /test.
Redirected test.domain.com to CF distribution in Google DNS as the domain is registered with them.
With this setup, test.domain.com is also presenting domain.com and not the test server as anticipated.
https.conf has correct DocumentRoot for each ServerName. But, request is not hitting the virtualhost of test server..
whats missing? pls suggest..
You can try below:
Add both domain.com and test.domain.com to CloudFront CNAME list.
ACM certificate which has common name/SAN as domain.com and *.domain.com (or test.domain.com)
In CloudFront cache behavior , whiteist HOST header, this will make sure that when client access domain.com , cloudfront send the same value in host header when contacting origin.
Link:
Forward host header
I have a domain name mydomain.com, which is from godaddy. I have a hosting plan from AWS.
I have the nameservers, got from 'Route 53 hosted zone' which are in the format as below:
ns-123.awsdns-11.com
ns-123.awsdns-22.org
ns-123.awsdns-33.net
ns-123.awsdns-44.co.uk
I added the above nameservers in the nameservers options in the manage nameservers section of godaddy.
Its been around a week but i am still not able to see my content live for mydomain.com. Unable to understand if i am missing anything.I referred this link.
I bought a domain from Namecheap and I have all my files hosted on EC2. I set my A Addresses on Namecheap to my elastic IP and so far it's working.
When I try to create subdomains (using this guide) on my Apache's vhost but there is no connection. Do I need to set up anything specific in the Namecheap host records or EC2?
I'm running a standard virtual Ubuntu server with LAMP. I tried the normal things like restarting Apache and checking error logs (nothing found).
If you want to use a subdomain, you will also need to point that subdomain to the elastic ip as well in your namecheap DNS, and then bind the subdomain in apache to the website/location that it should serve files from.
I am using Namecheap for domain registration and for DNS, and using Heroku for hosting. I have purchased an SSL certificate through Namecheap and set it up with Heroku, and have it nearly working perfectly.
Currently, I have a DNS CNAME record with host "www" pointing to "[whatever].herokussl.com.", and a "#" host record set to URL Redirect (301) to "http://www.[domain].com".
My app itself forces all HTTP traffic to redirect to HTTPS, so "http://www.[domain].com" goes to "https://www.[domain].com".
I am getting the following results:
http://www.[domain].com - properly navigates to site as HTTPS
https://www.[domain].com - properly navigates to site as HTTPS
http://[domain].com - properly navigates to site as HTTPS
https://[domain].com - **does not** navigate to site, and instead the browser cannot find the page
I believe this has to do with how the URL Redirect behaves behind the scenes. I had originally done this as CNAME record pointing directly to "[whatever].herokussl.com.", but apparently doing that on the zone apex blocks MX records...
What do I need to do to get the desired behavior? I simply want all naked or "www" domains to point to my "www" domain.
UPDATE: More information regarding my DNS settings
HOST NAME IP ADDRESS/URL RECORD TYPE
--------- -------------- -----------
# http://www.[domain].com URL Redirect (301)
www [whatever].herokussl.com. CNAME (Alias)
My SSL certificate was not a wildcard, just an EssentialSSL certificate from Comodo. I'm fine if only www.[domain].com works (with a redirect from the naked domain), although when I was using a CNAME for both the apex and "www", it was working as a naked domain with SSL just fine.
If you use DnsSimple, you can use their ALIAS record feature.
The DnsSimple ALIAS record is not a standard DNS record type, and is not the same thing as a CNAME record. Rather, DnsSimple supports it in a special way, by performing the DNS resolution for you and returning to your browser the results. This is different from all other DNS records, where the DNS server performs no processing but simply returns the record to your browser on-demand.
There may be other DNS vendors with their own similar features.
However, with only vanilla DNS, HTTP-only 3xx's from your nameserver, and Heroku, there is no way to get SSL to the zone apex (the domain name with no www.).