amazon-web-services - 向网站添加 SSL 证书/云前端分发不起作用

问题描述

该网站托管在 aws 存储桶中，启用了公共访问，并且它与 http 一起工作尝试添加 https 访问 - 请求/添加的证书，配置了 Cloud Front 分发，阅读了一堆关于 StackOverflow 的建议，仍然无法正常工作。

当根据 CloudFront 下拉菜单的提示将源配置为 mywebsite.com.s3.us-east-1.amazonaws.com 时，我收到 XMl（不是 HTML）错误 NoSuchKey for index.html（在那里）。

当我使用网站端点 mywebsite.com.s3-website-us-east-1.amazonaws.com 我得到 ERR_TOO_MANY_REDIRECTS

www.mywebsite.com被重定向到 mywebsite.com

一切都是基于 AWS 的，阅读我能找到的所有内容，更新存储桶策略等。似乎没有任何帮助。我可以在哪里寻找解决方案的任何想法？

{“ETag”：“E2UARY2PF3JN6L”，“分发”：{“Id”：“E2VAMJ3R5UEYSD”，“ARN”：“arn：aws：cloudfront：：098706368979：分发/E2VAMJ3R5UEYSD”，“状态”：“已部署”，“ LastModifiedTime”：“2021-08-18T19:41:28.165Z”，“InProgressInvalidationBatches”：0，“域名”：“dwm6otdm3onq4.cloudfront.net”，“ActiveTrustedSigners”：{“启用”：假，“数量”：0 }，“DistributionConfig”：{“CallerReference”：“49a807de-37a4-4c9f-add6-739dcffd27cb”，“别名”：{“数量”：2，“项目”：[“www.mywebsite.com”，“mywebsite. com" ] }, "DefaultRootObject": "index.html", "Origins": {"数量”：2，“项目”：[ {“Id”：“www.mywebsite.com.s3.us-east-1.amazonaws.com”，“域名”：“mywebsite.com.s3-website-us-东 1.amazonaws.com”、“OriginPath”：“”、“CustomHeaders”：{“数量”：0 }、“CustomOriginConfig”：{“HTTPPort”：80、“HTTPSPort”：443、“OriginProtocolPolicy”：“匹配查看器”，“OriginSslProtocols”：{“数量”：3，“项目”：[“TLSv1”，“TLSv1.1”，“TLSv1.2”]}，“OriginReadTimeout”：30，“OriginKeepaliveTimeout”：5 } }, { "Id": "mywebsite.com.s3.us-east-1.amazonaws.com", "域名": "mywebsite.com.s3-website-us-east-1.amazonaws.com", “源路径”：“", "CustomHeaders": { "Quantity": 0 }, "CustomOriginConfig": { "HTTPPort": 80, "HTTPSPort": 443, "OriginProtocolPolicy": "http-only", "OriginSslProtocols": { "Quantity": 3，“项目”：[“TLSv1”，“TLSv1.1”，“TLSv1.2”]}，“OriginReadTimeout”：30，“OriginKeepaliveTimeout”：5 } }]}，“OriginGroups”：{“数量”： 0 }，“DefaultCacheBehavior”：{“TargetOriginId”：“www.mywebsite.com.s3.us-east-1.amazonaws.com”，“ForwardedValues”：{“QueryString”：false，“Cookies”：{“Forward ": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } },"TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "redirect-to-https", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items" ：[“HEAD”，“GET”]，“CachedMethods”：{“Quantity”：2，“Items”：[“HEAD”，“GET”]}}，“SmoothStreaming”：false，“DefaultTTL”：0， “MaxTTL”：0，“压缩”：true，“LambdaFunctionAssociations”：{“数量”：0}，“FieldLevelEncryptionId”：“”}，“CacheBehaviors”：{“数量”：0}，“CustomErrorResponses”：{“数量”：0 }，“评论”：“”，“记录”：{“启用”：假，“IncludeCookies”：false，“Bucket”：“”，“Prefix”：“”}，“PriceClass”：“PriceClass_100”，“Enabled”：true，“ViewerCertificate”：{“ACMCertificateArn”：“arn：aws：acm： us-east-1:098706368979:certificate/8213cadd-5efd-44ad-b252-3d2cb7bed408", "SSLSupportMethod": "sni-only", "MinimumProtocolVersion": "TLSv1.2_2021", "Certificate": "arn:aws: acm:us-east-1:098706368979:certificate/8213cadd-5efd-44ad-b252-3d2cb7bed408", "CertificateSource": "acm" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", “数量”：0 } }，“WebACLId”：“”，“HttpVersion”：“http2”，“IsIPV6Enabled": true }, "AliasICPRecordals": [ { "CNAME": "www.mywebsite.com", "ICPRecordalStatus": "APPROVED" }, { "CNAME": "mywebsite.com", "ICPRecordalStatus": "APPROVED " } ] } }

aws s3api get-bucket-policy --bucket mywebsite.com {

    "Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"PublicReadGetObject\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::mywebsite.com/*\"},{\"Sid\":\"PublicReadGetObjectVersion\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObjectVersion\",\"Resource\":\"arn:aws:s3:::mywebsite.com/*\"},{\"Sid\":\"PublicListBucket\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:ListBucket\",\"Resource\":\"arn:aws:s3:::mywebsite.com\"}]}"
}

➜ ~ aws s3api get-bucket-website --bucket mywebsite.com

{ 
    "IndexDocument": {
        "Suffix": "index.html"
    }
}

标签： amazon-web-servicesamazon-s3amazon-cloudfront