Replace site’s hostname with CNAME errors

  • I created a CNAME in cpanel and am attempting to use it to customize the links to my files hosted on S3. I have read through many tutorials and forums but haven’t found any solutions. When I enable this feature, my hosted resources all return the error:
    Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID

    I am using HTTPS, and links use HTTPS, but when I try to directly follow the links that are generated with the CNAME I get the insecure browser message “Your connection is not private” screen. If I remove the “S” and follow the same links (HTTP) then the resource is accessible.

    So somewhere along the way there is a security issue? I have a self-hosted cpanel-generated SSL on my domain and requested a wildcard one from Amazon for my domain as well.

    Does anyone know how to solve this? I know I am missing a step or some crucial information, but can’t seem to find answers anywhere. Is there something I need to configure in W3TC, my server, or S3?

    Any help is appreciated!

    EDIT: site pw is “sirules”

    Thanks,
    j

    • This topic was modified 6 years, 3 months ago by jdyach. Reason: updated w/ site access
    • This topic was modified 6 years, 3 months ago by jdyach.

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter jdyach

    (@jdyach)

    UPDATE: I requested a new wildcard Let’s Encrypt SSL for my domain (so no longer self-signed) and that got rid of the ERR_CERT_AUTHORITY_INVALID error.

    Now the error I am getting is ERR_CERT_COMMON_NAME_INVALID
    Subject: *.s3.amazonaws.com

    I gather this is because my links are now pointing to the CNAME address, and not the default *.s3.amazonaws.com, so it doesn’t match the cert.

    So any ideas on how I get around this?

    Thread Starter jdyach

    (@jdyach)

    According to these articles:
    https://www.h3xed.com/web-development/using-https-with-amazon-s3-and-your-domain?cadd=1#comments
    https://stackoverflow.com/questions/42441828/https-on-s3-without-cloudfront-possible
    Amazon S3 doesn’t support domain/subdomain mapping using a CNAME, with HTTPS. Why then would “Replace site’s hostname with a CNAME” be an available option? Surely this issue has been encountered before.

    I don’t want to use CloudFront if i don’t have to, but will that really be the only solution for me to get this working?

    Thanks,
    j

    • This reply was modified 6 years, 3 months ago by jdyach. Reason: added second article source
    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello,

    There is a possibility that you have a misconfiguration somewhere in your DNS or the SSL certificate is not installed correctly.
    If that’s the case this might not be related to W3 Total Cache.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Replace site’s hostname with CNAME errors’ is closed to new replies.

Tags