I have a simple website that I wanted to be on a custom dns. I had it running on elastic beanstalk but due to elastic beanstalk wanting me to setup a load balancer and two EC2's just to have a custom DNS, I decided to give lightsail container services a try. However.....
I created my container, deployed and it worked fine. I can access the public domain but for some reason, google has marked my website as dangerous? This wasn't the case on elastic beanstalk.
I then tried to create my custom domain. So I registered a domain name on Route 53 i.e. test.com, created the certificate on lightsail and then went back to route 53 to add a new cname record. The lightsail status changed to "Status:Valid, in use"
But my custom domain does not redirect to the public domain at all, I just get "This site can’t be reached" when navigating to "test.com" (not my real dns name)
You can do that with the below steps:-
1. Create a certificate with CNAME.
2. Add your Name and value in the R53 Hosted zone that will validate your certificate.
3. Now Choose a certificate to validate your custom domain.
Related
I configured A react app deployed in AWS S3 with cloud front and connected to ROUTE53 with Custom Domain purchased from GoDaddy .Certificate is issued from AWS ACM and it is linked to Cloud front , added alterative domain CNAME also. Initially it worked and redirected to HTTPS from HTTP. After some time I see strange behavior. Now I get GoDaddy Domain parked message message when it is in HTTP mode and This site can’t be reached The connection was reset or This site can't provide a secure connection with HTTPS.
Things I did
Checked Alternate domain name added or not and it was there.
Route53 I added A record and pointed to cloud front distribution.
Enabled S3 bucket as hosting .
Cloud front distribution served with root index.html and it works fine.
When it connects to custom domain it will work for sometime and again it will show domain parked message from GoDaddy and ERR_SSL_PROTOCOL_ERROR or ERR_CONNECTION_CLOSED
We are going multi-region for our project and there is a need for us to use an Azure traffic manager to route traffic to each region. Our setup looks like below where our app gateway is exposed via a public IP which I used to configure on the Azure Traffic Manager.
My issue is when I hit the traffic manager URL it give me an SSL cert error, while if I hit the App gateway URL directly it works fine on HTTPS. Looking at the below error I know I need to configure the traffic manager certificate and my question is
Is this needs to be configured somewhere in the traffic manager? OR
DO we need to configure this in the application gateway and change the app gateway ingress in Kubernetes with and also use traffic manager certificate there?
• The traffic manager works at the DNS level, thus as the DNS records pointing to the traffic manager’s public URL aren’t setup correctly, you are getting this error when browsing the traffic manager’s URL. Also, when you are accessing the application gateway URLs independently, they are being accessed successfully as the URLs for the application gateways are hosted on the Azure DNS and independent public IPs are also allotted against their DNS records. Thus, appropriate DNS records to route the DNS access request for the traffic manager’s website need to be updated.
• Since you are using multi region setup in Azure with load balancing features, I am considering that your custom domain and its DNS records are setup in Azure itself. And the URLs for the application gateway are setup as separate endpoints in the form of subdomains in the custom DNS record setup itself. Thus, when you browse the application gateway URLs according to the custom domain URL setup, you can access the application page correctly. With respect to the traffic manager, you will need to create a CNAME record pointing from your custom domain to the ‘*.trafficmanager.net’ domain, while also creating a CNAME record pointing from your custom domain to your generic application gateway URLS.
• Once done, create A host records for each application gateway endpoint pointing to the public IP address assigned by Azure to them. After doing the above, your traffic manager URL should be able to route and redirect the application access requests correctly. For more information, please refer to the community discussion below which specifies the exact details relating to your problem: -
Azure Traffic Manager SSL Setup (not classic)
I've just created a space on the Digital Ocean cloud.
To enable CDN, it asks for an SSL.
My domain manager is Cloudflare.
I've created a CNAME on the Cloudflare DNS settings page.
Then created an origin server SSL certificate and added those keys to the Digital Ocean subdomain settings page.
But I'm getting this error when I'm visiting the URL.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
How can I fix this issue?
Use SSL certificate for your original domain then it will work. Don't use a certificate generated by Cloudflare, because that is for something else that Cloudflare side use for to enable strict policy in their side.
Submitting the CNAME in App Platform before adding the record in the DO networking tab causes App Platform to register the domain with CloudFlare before it exists. There is a 30 minute TTL on this record then your domain will start working.
However, as a workaround you can remove the custom domain, let your app deploy, then re-add the custom domain and it should start working almost instantly.
I'm confused about this for a while.
I have an API application hosted on ECS and an ALB with a target of this ECS.
I need to setup Cognito for ALB but the ALB needs to be SSL-ed.
I also how a primary domain registered on a different DNS (not R53).
The AWS documentation says that there are two ways to route traffic to a LB. With CNAME or Alias record set.
My questions are:
Do I need a primary domain on R53 to create an alias record set for ALB? Do I need a registered domain at all or will alias automatically create a free one (since AWS says that alias is free)?
Can I create a subdomain CNAME on R53 of a primary domain hosted on another DNS?
Will I be able to pass paths from my alias or cname to the ALB, example:
If I enter a path in my ALB amazon given DNS name like this: "{DNS-ALB-name}.amazon.com/api/path1 this will GET that from the API application.
but if I have an Alias or CNAME how can i pass {CNAME-domain}.com/api/apth1 or {alias-domain}.com/api/path1 to the ALB domain which will in the end pass that path to API. Or do I need some sort of revers proxy server?
Can I SSL an alias record set?
Can I integrated a primary domain from another DNS to AWS R53 ss it is as if R53 has that TLD?
you need to either migrate the domain to Route53 or delegate it
if I understand your questions correctly - yes
assuming that I understand your questions correctly: the path and domain names do are separate things, unless you redirect. in this case CNAME will simply point the request at the load balancer, so domain does not actually matter
SSL is added to a resource such as load balancer ot ec2 server, not DNS entry. Once you create an alias and point it at e.g. application load balancer, you will be able to add certificate to it. it integrates well with AWS Certificate Manager
that's called DNS delegation, and yes it is possible
I bought a domain (xyz.com) from some domain provider.
I pointed its nameserver to Cloudflare to host dns.
I created an S3 bucket with name (xyz.com) and hosted my static website on it.
I added a CNAME record on cloudflare to point to the static website url of bucket.
Everything is working fine till here. (xyz.com) opens the static website hosted on S3 bucket.
Now I want to create (api.xyz.com) for AWS API Gateway custom domain.
I want API Gateway to trigger Lambda so that it computes and return back the result.
For above I added another CNAME record in cloudflare so that AWS ACM is able to issue me a certificate for (api.xyz.com). After few minutes ACM was able to issue me a certificate.
Now I added the custom domain in API Gateway and selected the above ACM certificate.
When I make http GET call to my api chrome shows:
This site can’t be reached
api.xyz.com’s server IP address could not be found.
DNS_PROBE_FINISHED_NXDOMAIN
How to fix this?
I am a beginner and maybe I am using some terms wrong. Please Ignore
Create a CNAME record to your api gateway and make sure you hit it using https