具有重定向功能的S3存储桶的HTTPS [英] HTTPS for S3 bucket with redirection

问题描述

我在 example.com 上有一个网站。我创建了一个S3存储桶，并将其设置为将所有请求重定向到 example.com ，并且创建了DNS条目，将 www.example.com 指向该S3存储桶。到目前为止，从 http://www.example.com -> http://example.com 正常工作

I have a website on example.com. I have created a S3 bucket and set it up to redirect all requests to example.com and I have created a DNS entry to point www.example.com to that S3 bucket. So far, redirecting from http://www.example.com --> http://example.com works fine

我无法从 https：//www.example重定向 https 流量。 com -> https://example.com 。

I am having trouble redirecting https traffic from https://www.example.com --> https://example.com.

我已经创建了一个Cloudfront发行版，并向其中添加了SSL，并将其指向上述S3存储桶。当我尝试访问给定域名的分发时，而不是被重定向，我在浏览器中得到以下内容：

I have created a Cloudfront distribution and added SSL to it and pointed it to the S3 bucket mentioned above. When I try to access that distribution given domain name, instead of being redirected I am getting the following in browser:

<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <Name>www.example.com</Name>
  <Prefix/>
  <Marker/>
  <MaxKeys>1000</MaxKeys>
  <IsTruncated>false</IsTruncated>
</ListBucketResult>

我的分配常规设置为

Distribution ID XXXXXXXXXXXX
Log Prefix  -
Delivery Method Web
Cookie Logging  Off
Distribution Status Deployed
Comment -
Price Class Use All Edge Locations (Best Performance)
AWS WAF Web ACL -
State   Enabled
Alternate Domain Names (CNAMEs) -
SSL Certificate mycert
Domain Name xxxxxxxxxxx.cloudfront.net
Custom SSL Client Support   Only Clients that Support Server Name Indication (SNI)
Default Root Object -
Last Modified   2016-01-18 16:12 UTC+2
Log Bucket

任何想法如何使其工作？

Any idea how to make it work ?

推荐答案

您很亲密。 CloudFront是正确的解决方案。

You are close. CloudFront is the correct solution.

与其从下拉列表中选择存储桶，还需要一种略有不同的方法。

Instead of selecting the bucket from the drop-down, you need a slightly different approach.

在重定向存储桶的静态网站托管配置，找到端点。格式类似于 bucket-name.s3-website。$ {aws_region} .amazonaws.com 。

In the redirecting bucket's static web site hosting configuration, find the endpoint. This will be in a form similar to bucket-name.s3-website.${aws_region}.amazonaws.com.

使用此主机名，而不是从下拉列表中选择存储桶。

Use this hostname, instead of selecting the bucket from the drop-down list.

以这种格式指定存储桶名称时，您可以使用Amazon S3重定向和Amazon S3自定义错误文档。

When you specify the bucket name in this format, you can use Amazon S3 redirects and Amazon S3 custom error documents.

http ：//docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistS3AndCustomOrigins.html

请注意您的原始协议政策 ，它指定了CloudFront和S3之间使用的协议，并且设置为仅HTTP。 （此设置仅是后端，前端仍可以是https）。

Note also that your Origin Protocol Policy, which specifies the protocol used between CloudFront and S3, bust be set to HTTP Only. (This setting is back-end only, the front-end can still be https).

这篇关于具有重定向功能的S3存储桶的HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！