|
|
|
|
|
|
by Jarwain
1480 days ago
|
|
|
> For #4, this is actually frustratingly difficult, but if your constraints are not adding to the complexity, your best bet is to not, and just set your cookies to the domain. But if you like, one approach that would work: - Cert with SAN - CNAME's on the CF distribution - S3 Bucket And the sneaky bit: Use a cloudfront lambda to redirect "wrong" Hosts - comes with a cost, but it's super marginal. > Otherwise, your best approach is sadly a second cloudfront distribution with a different bucket (or bucket path) that just hosts a redirecting index key because you end up fighting stupid AWS design decisions. > Not that I've ever wasted stupid amounts of time on this particular problem... Doesn't this document[0] cover dealing with ssl on cloud front? Plus Amazon's Cert Manager? Or is it missing something? Pair that with an redirect/alias of www=>@ and you should be golden? [0]https://docs.aws.amazon.com/AmazonCloudFront/latest/Develope... |
|
|