CNAME to S3 Bucket resulting "Not Secure" error in browsers

Hi folks,

I’m following the instructions I found here to set up a CNAME in the CF DNS editor that points to the S3 bucket I’m using as storage for my CDN.

I’ve done this before and it worked great. Essentially I prepend my bucket name to the AWS S3 url like so: cdn.mysite.com.s3.us-east-1.amazonaws.com and use that URL as the value for the CNAME record I create using the CF DNS editor. So I end up with something like so:

CNAME cdn cdn.mysite.com.s3.us-east-1.amazonaws.com

So that worked on the last project I was on with SSL set to “Full” in CF. But this time it’s not working and I’ve spent two days trying to figure out what’s different but can’t figure out what’s going wrong.

It routes insecure traffic just fine, but when I attempt to use https all browsers produce a “This connection is not private” error.

Anyone else run into this before and find a solution?

Is that CNAME set to :orange: Proxied?

3 Likes

AH! Nope, it was not. And, of course, if it’s not proxied via CF then there’s no way for CF to evaluate the origin cert.

Okay, thanks sdayman, I’ll try and remember that for next time!

3 Likes

I am not 100% sure if AWS S3 bucket is having an SSL certificate and support HTTPS itself?

Maybe this can help:

Yes. But the SSL cert is only valid for *.s3.your-region.amazonaws.com.

We have a long discussion about this previously:

1 Like

@erictung Thank you for reminding me on this one! Will have to remember it.
Appreciate :wink:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.