Problems using custom CNAME with CloudFront CDN over SSL

  • Resolved sadhaka

    (@sadhaka)


    6 years, 1 month ago

    I have a problem configuring W3TC when using a custom CNAME and SSL/HTTPS for a CloudFront distribution.

    I set up a CloudFront distribution to use as a CDN on my WordPress site, using the W3TC plugin to configure things. I imported an SSL certificate to use with the CloudFront distribution. I used a CNAME for the distribution (e.g., “cdn.example.com”) to use in place of the CloudFront domain name (e.g., “d1234.cloudfront.net”).

    I set up W3TC, enabling the CDN as Amazon CloudFront in the General settings. In the W3TC CDN tab settings, I enabled SSL support and entered the custom CNAME. The “Test CloudFront distribution” button indicated the green “Test passed”.

    All seemed OK until I checked the site front-end and saw that all the images were just broken image links. Right-clicking an image to open it in a new browser window resulted in the browser warning me that “the connection is not private” and that the website “may be impersonating cdn.example.com”. A glance at the source showed that none of the CloudFront CDN resources were being loaded.

    Clearly there was something wrong and it seemed as if the CloudFront distribution wasn’t associating itself correctly with the SSL/HTTPS connection.

    However, after experimenting I found that if I deleted the CNAME (i.e., “cdn.example.com”) in W3TC, and used the not-so-pretty CloudFront domain name (i.e., “d1234.cloudfront.net”) instead, everything worked all right. Images loaded successfully from d1234.cloudfront.net, where they wouldn’t from cdn.example.com.

    I have another site that is set up exactly the same except it doesn’t use SSL/HTTPS: the use of a custom CNAME for the CloudFront distribution there doesn’t cause any problems at all.

    Therefore the problem seems specifically to occur when using a custom CNAME and SSL/HTTPS with a CloudFront CDN.

    I realise that this problem straddles different technologies and platforms, any of which might be implicated, but since W3TC is intimately associated with setups like this, I wondered if anyone might know why I have these problems when I configure W3TC using the CNAME, with a CloudFront CDN used with SSL/HTTPS.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello,

    There is a possibility that you have a misconfiguration somewhere in your DNS or the SSL certificate is not installed correctly.
    If that’s the case this might not be related to W3 Total Cache.

    Thread Starter sadhaka

    (@sadhaka)

    I seem to have seen this exact response somewhere before lol but thanks

    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @sadhaka,
    This seems like a similar issue.

    I hope this helps and please provide s with the feedback if you resolve the issue.

    Thread Starter sadhaka

    (@sadhaka)

    It was the SSL certificate – it needed to be changed for one that covered the CNAME domain. Thanks

    bgdstr

    (@bogdanstratulat)

    I am happy to hear that everything has been sorted out. However, please take 2 minutes and provide us with a 5 star rating for our plugin and I promise you that the entire team at W3 Total Cache will put in their best efforts in every feature release.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Problems using custom CNAME with CloudFront CDN over SSL’ is closed to new replies.