I am facing difficulty in serving requests from test.domain.com with the configuration with a combination of AWS Certificate Manager (ACM), AWS EC2 (linux AMI), AWS CloudFront (CF), Google DNS and Apache server.
I have following setup in public_html directory:
I have 2 folders in /var/www/html
prod
test
Objective is to serve requests received from test.domain.com using test directory and the ones received from domain.com using prod directory.
The setup is working fine with acme ssl certificates ie., for production (domain.com), we are using acme SSL certificate and DNS is pointing to Elastic IP and working fine. Even test.domain.com was working
fine with acme ssl setup.
However, I'm trying to switch to ACM. As it works only with CF and ELB (AWS Elastic Load Balancer), created a CF distribution.
Created one CloudFront (CF) distribution pointing to AWS EC2 endpoint with Origin path /test.
Redirected test.domain.com to CF distribution in Google DNS as the domain is registered with them.
With this setup, test.domain.com is also presenting domain.com and not the test server as anticipated.
https.conf has correct DocumentRoot for each ServerName. But, request is not hitting the virtualhost of test server..
whats missing? pls suggest..
You can try below:
Add both domain.com and test.domain.com to CloudFront CNAME list.
ACM certificate which has common name/SAN as domain.com and *.domain.com (or test.domain.com)
In CloudFront cache behavior , whiteist HOST header, this will make sure that when client access domain.com , cloudfront send the same value in host header when contacting origin.
Link:
Forward host header
I am working with Load Balancing to have https to my static website and I have my domain in GoDaddy
I created a LoadBalancer with
Backend configuration: To my Cloud storage buckets & enabled CDN.
Frontend configuration: Https having static IP I have enabled
Google-managed SSL certificate with my domain example.com which is in GoDaddy.
Do I need to do any configuration in GoDaddy like pointing, After 10-20 min I get FAILED_NOT_VISIBLE in domain status
I am new and don't know how to link.
In google docs I can see DNS records for your domain must reference the IP address of your load balancer's target proxy, Can someone help me to understand.
https://cloud.google.com/load-balancing/docs/ssl-certificates?hl=en_US&_ga=2.190405227.-1195839345.1570257391#certificate-resource-status
Finally I fixed it, We need to point the Static IP to DNS in my case I have in GoDaddy, It took some time to point DNS and then it took time for my Google-managed SSL certificate to turn green.
Once it's done I hade an issue with err_ssl_version_or_cipher_mismatch for this we need to add Policy to tell LB to use TLS 1.2 but in my case it automatically resolved in 10 min.
We can Point DNS in two ways one by directly adding Static IP to A record in GoDaddy other is by creating a Cloud DNS in GCP and point Nameserver in Godaddy.
We must establish a link to confirm our DNS with Static IP of LB so that the SSL turns Green after confirming Domain status.
I have a domain called qlink.co.in and I have a cpanel for this domain.
In cpanel I created a sub domain - server1.quicklink.co.in
In this cpanel in DNS zone editor I pointed this sub domain to my server1 like shown in image below -
Now I can access my http://server1 IP address. My link as http://server1.qlink.co.in/.
If I install ssl on my qlink.co.in domain which comes with unlimited sub domain option, then do I need to do anything on my server1 server or not? Will my subdomain link work with https?
SSL should be installed on domain from the server where your domain is pointing. As your sub-domain is pointing to other provider's server, you should install the SSL from that server.
It will not work, if you will install it from the server where your main domain is pointing.
I just setup a brand new server at my host (NOT on a shared host btw), and apparently this IP was used previously and I keep getting requests in the apache logs for people going to that old domain (that has the same IP that has not been changed in DNS). Is there a simple way to tell Apache or htaccess to ONLY allow the domains I have defined there to serve my site, and ignore/drop/redirect others that aren't to my domain?
I see several people describing how to do this for a custom domain with sub-domain but no one talking about how to do it without one.
Example: Setting foobar.com and www.foobar.com to point to my Amazon S3–hosted site
I personally do not want the www prefix. Is there no way to make this happen? I seems crazy that Amazon would set it up to allow static sites and custom domains, then lock it down to prefixed domains?
Thanks in advance,
For historical reasons any URL needs to resolve to a subdomain, which you already know how to handle: Create a CNAME record with your DNS provider, pointing www to your S3-hosted subdomain. There are details to get right, described nicely elsewhere.
You nevertheless want to support users who, charmed that their browsers will autocomplete http:// and .com and such, want to type a naked domain domain.com, and have it automatically complete to your default subdomain such as www.domain.com.
The easiest way to accomplish this is to use www as your default subdomain, and point your DNS provider's A record at wwwizer.com (174.129.25.170). They automatically redirect any naked domain to the same domain with www in front.
You get fastest turnaround on development, and your visitors get fastest DNS resolution, if you use Amazon Route 53 to provide your DNS services. Route 53 can point its A records to wwwizer.com. However, you may want to create a micro Amazon EC2 instance, and start programming it. In the '50s everyone rebuilt their own cars. In the '80s everyone pushed a shopping cart down the aisle at Fry's, and built their own computer. Now, you want to be able to build your own computer in the cloud, for many reasons you will discover with time, and Amazon EC2 is best choice. For now, your cloud computer will simply handle naked domains for you. Later, email, generating the static site, ...
Install the Apache web server (the A in LAMP; a LAMP server will do the trick), and configure a virtual host for each of your domains. Then point an elastic IP address at your EC2 instance, and update Route 53 to have your A record point to this elastic IP address. Amazon doesn't support having multiple elastic IPs pointing to the same EC2 instance, but you can provide the same elastic IP to multiple domain A records, and have Apache resolve this within your EC2 instance.
This takes some fiddling and experimenting, as there's lots of conflicting advice on the details. I used the ami-ad36fbc4 instance image (US East, 64 bit EBS-backed Ubuntu 10.04 LTS), as I'm familiar with Ubuntu, there's plenty of online help with Ubuntu, and this image will be supported for years. I edited /etc/apache2/httpd.conf to have the contents
NameVirtualHost *
<VirtualHost *>
ServerName first.net
Redirect permanent / http://www.first.net/
</VirtualHost>
<VirtualHost *>
ServerName second.net
Redirect permanent / http://www.second.net/
</VirtualHost>
then checked for errors using
sudo /usr/sbin/apache2ctl configtest
then restarted the Apache server using
sudo /etc/init.d/apache2 restart
Apache is standard across Linux flavors, but the details such as file locations may vary, e.g./etc/apache2/httpd.conf could be /etc/httpd.conf. For example, it might be necessary put a Listen 80 in httpd.conf, but Apache throws an error if that command was already somewhere else. So read web instructions with a grain of salt, and be prepared to Google any error messages.
As I'd already been using Amazon Route 53 for days to point to wwwizer.com, this worked immediately once I updated Route 53 to point to my elastic IP. Before switching to Route 53, each change took days for me to verify, as the information propagated across the web. Once everyone knows to look to Amazon, Amazon can propagate its internal changes much more quickly.
Unfortunately you can not point foobar.com to an Amazon S3 bucket and the reason for this has to do with how DNS works.
DNS does not allow the root of a domain (called zone apex) to point to another DNS name (you can not have foobar.com set up as a CNAME / only subdomain.foobar.com can be a CNAME)
Since this question was asked things have changed. It is now possible to host your site on S3 with a root domain.
Instead of just having one bucket named "www.yourserver.com", you have to create another bucket with the nude (root) domain name, e.g. "yourserver.com".
After that you will have to use Amazon's DNS service Route 53. Create an A record for the nude domain and a CNAME for the "www" hostname.
Note that you will need to move the domain management of your domain to Amazon Route 53 completely.
See for the detailled walk-through here: http://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html