I have a domain (example.com) with SSL support. I am having an issue when trying to redirect a request from www.example.com
-> https://example.com
.
The error I get when trying to access www.example.com is:
The request could not be satisfied.
Bad request.
These URLs work (redirect to https://example.com
)
example.com
http://example.com
https://example.com
http://www.example.com
shows that the website is not secure, meaning it does not use the certificate.
S3
I have created 2 S3 buckets example.com & www.example.com (A and B, respectively). Bucket A's Static Website Hosting has enable website hosting pointing to example.com. Bucket B's Static Website Hosting has redirect all requests to example.com.
Cloudfront
I have a distribution with 2 Alternate Domain Names (CNAMEs), example.com and www.example.com. I also have an SSL cert on this dist.
Route 53
I have a hosted zone with 2 A-type aliases, example.com and www.example.com that both point to Cloudfront's distribution (XX.cloudfront.net)
You need to have your content being distributed by Cloudfront. So the content from your S3 bucket will go through Cloudfront before being served. You can find info about how to do it here: Using CloudFront with Amazon S3
Then, for the second part, to have all your data served with https, do the following: Go to CloudFront > Your distribution > behaviour tab > select the first element of the list and click Edit. Then you should be able to see an option for redirecting http to https.
I'm surprised that you're having luck with the SSL endpoints, as it's my understanding that the proper setup is to disable static website hosting on the s3 buckets and make sure all traffic to them is going through Cloudfront. Cloudfront will handle SSL itself, including redirects from HTTP to HTTPS, provided that you configure your Cloudfront origin to only allow HTTPS access via the
Origin Protocol Policy
setting.For setting up the Cloudfront-to-s3 configuration: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistS3AndCustomOrigins.html
For restricting s3 to be accessible only by Cloudfront: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html