Search code examples
amazon-web-servicesamazon-s3amazon-cloudfront

HTTPS for S3 bucket with redirection

I have a website on example.com. I have created a S3 bucket and set it up to redirect all requests to example.com and I have created a DNS entry to point www.example.com to that S3 bucket. So far, redirecting from http://www.example.com --> http://example.com works fine

I am having trouble redirecting https traffic from https://www.example.com --> https://example.com.

I have created a Cloudfront distribution and added SSL to it and pointed it to the S3 bucket mentioned above. When I try to access that distribution given domain name, instead of being redirected I am getting the following in browser:

<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <Name>www.example.com</Name>
  <Prefix/>
  <Marker/>
  <MaxKeys>1000</MaxKeys>
  <IsTruncated>false</IsTruncated>
</ListBucketResult>

My distribution general settings are

Distribution ID XXXXXXXXXXXX
Log Prefix  -
Delivery Method Web
Cookie Logging  Off
Distribution Status Deployed
Comment -
Price Class Use All Edge Locations (Best Performance)
AWS WAF Web ACL -
State   Enabled
Alternate Domain Names (CNAMEs) -
SSL Certificate mycert
Domain Name xxxxxxxxxxx.cloudfront.net
Custom SSL Client Support   Only Clients that Support Server Name Indication (SNI)
Default Root Object -
Last Modified   2016-01-18 16:12 UTC+2
Log Bucket

Any idea how to make it work ?

Solution

  • You are close. CloudFront is the correct solution.

    Instead of selecting the bucket from the drop-down, you need a slightly different approach.

    In the redirecting bucket's static web site hosting configuration, find the endpoint. This will be in a form similar to bucket-name.s3-website.${aws_region}.amazonaws.com.

    Use this hostname, instead of selecting the bucket from the drop-down list.

    When you specify the bucket name in this format, you can use Amazon S3 redirects and Amazon S3 custom error documents.

    http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistS3AndCustomOrigins.html

    Note also that your Origin Protocol Policy, which specifies the protocol used between CloudFront and S3, must be set to HTTP Only. (This setting is back-end only, the front-end can still be https).