将Godaddy的HTTPS转发给AWS [英] forwarding HTTPS from Godaddy to AWS
问题描述
我是设立和管理网站的新手。我已经查看了许多以前的问题,似乎没有一个问题适合我的情况。我认为这个问题可能对其他许多人有用。
I'm new to setting up and managing Websites. I've looked through many previous questions and none seem to quite fit my case. I think this question may be useful to many others.
我在Godaddy购买了域名和托管服务。我还需要安全访问权限,所以我还在Godaddy上购买了SSL证书。因此,默认设置为 http://mydomain.com 和 https://mydomain.com 到我的网站。 Godaddy还将www子域名转发到我的网站 - 这一切都很完美。我现在需要添加一个数据库并支持增长,因此我将转移到AWS上的VPC,其中包含用于网站的公共EC2实例和用于数据库的私有EC2实例。
I purchased a domain name and hosting services on Godaddy. I need to also have secure access so I also purchased an SSL certificate on Godaddy. The default settings thus routed http://mydomain.com and https://mydomain.com to my site. Godaddy also forwarded the www subdomains to my site - this all worked perfectly. I now needed to add a database and support for growth, so I am moving to a VPC on AWS with a public EC2 instance for the Website, and private EC2 instance for the DB.
首先,我读过一些帖子,表明移动网站的最佳方式是使用Godaddy的域名控制将域名(通过301)转发到AWS网站。其他人似乎表明我应该让域服务器直接指向AWS网站。每种方法的优点/缺点是什么?哪种方法更好?
First, I've read some posts indicating that the best way to move the Website is to use Godaddy's domain controls to forward the domain (via 301) to the AWS Website. Others seem to indicate that I should just make the domain servers point directly to the AWS Website. What are the advantages/disadvantages of each approach? Which is the better approach?
我目前使用的是域转发方法。但是,对于Godaddy来说,这似乎只转发HTTP请求而不是HTTPS请求(它们得到'此网页不可用'错误)。有没有办法将HTTPS地址转发给AWS并保留(重新生成?)SSL证书?我需要对SSL证书做些什么?如果我需要新的SSL证书,如何将其附加到Godaddy托管的域名,但是将其指向AWS上的网站?
I've currently used the domain forwarding approach. However, for Godaddy, this seems to only forward HTTP requests and not HTTPS requests (they get a 'This Webpage is not available' error). Is there a way to forward the HTTPS address to AWS and retain (rekey?) the SSL certificate? What do I need to do with the SSL cert? If I need a new SSL cert, how do I attach it to the domain hosted by Godaddy but point it to the Website on AWS?
我是新手,所以请详细说明。谢谢。
I'm a newbie, so please explain in detail. Thanks.
推荐答案
我通常以这种方式设置:
I typically setup things this way:
- 注册AWS Route53 DNS并指向godaddy。我更喜欢这个,因为如果我们使用Route53,很容易在DNS中映射AWS等资源。 Howto
- 使用Elastic Beanstalk而不是手动配置EC2和ELB并在Beanstalk / ELB上设置SSL证书。 Howto
- 处理appserver配置中的https重定向。 Howto
- Register for AWS Route53 DNS and point godaddy to this. I prefer this because it is easy to map AWS resources like S3 etc in DNS if we use Route53. Howto
- Use Elastic Beanstalk instead of manually configuring EC2 and ELBs and Setup the SSL certs on Beanstalk/ELB. Howto
- Handle the https redirect in your appserver configuration. Howto
您目前使用godaddy转发(301)https到AWS的方法无效。 Godaddy的转发正在他们正在运行的转发网络服务器上进行(而不是在DNS级别)。因此,如果他们必须接受https连接并转发,那么他们需要此证书,显然他们没有您的域名证书。所以godaddy转发的唯一帮助就是将http转发到你需要的任何地方。通常我使用它来停放其他域而不是主域(比如xyz.net,xyx.co等到xyz.com,其中.com是主域)。在这里用户不会明确键入https,因此它几乎可以工作。
Your current approach of "Forwarding (301)" of https to AWS using godaddy wont work. The forwarding by Godaddy is happening on a forwarding-webserver they are running (not at DNS level). So if they have to accept an https connection and forward, then they need the certificate for this and obviously they dont have your domain's certificate. So the only help godaddy forwarding will do is to forward the http to wherever you need. Typically I use this for "parking" additional domains and not for the primary domain (say xyz.net, xyx.co etc to xyz.com, where the .com is the primary domain). Here users wont go and type https explicitly and so it practically works.
现在,对于主域名,他们需要输入https(或者您将其重定向到https) - 在这种情况下,您需要执行CNAME或A记录映射。这可以通过Route53(aws)或Godady本身,通过更改DNS记录(而不是301转发)来完成。长解释,希望它澄清!
Now, for the primary domain, they need to type https (or you redirect them to https) - In this case, you need to do a CNAME or A-record mapping. This can be done on Route53 (aws) or at Godady itself, by changing the DNS records (not 301 forwarding). Long explanation, hope it clarifies !
这篇关于将Godaddy的HTTPS转发给AWS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
