I’m trying to set up a small website on Amazon Web Services. I have added the files so that it serves the pages correctly but this is only on http.
I’m now trying to add https to it, but I cannot seem to be able to pass AWS’s certificate validation.
The AWS guide suggests that I remove the domain name from the NAME generated (which I’ve done) eg it was something like _kljshckjsof87w9.quickbooksonlineexpert.co.uk so I’ve only added a _kljshckjsof87w9 CNAME record for the NAME. I’ve copied the corresponding VALUE into the same CNAME record.
Their DNS validation for the cert can take up to a couple of days, but I’m sure there is something else wrong but not sure what to change. I’ve tried a couple of times with them, and waited a couple of days, but no joy. I would try their AWS support, but I’m on the Free Tier, so I’m trying to initially reach out to the Cloud Flare community in the hope that someone has also obtained a free SSL from AWS and can point me in the right direction.
I’d also tried once with removing the underscore from the start of the VALUE as their guide suggested this may be required in some circumstances, but this made no further difference.
many thanks - any info to help will be appreciated.
Thanks Sandro - I didn’t mean that “_kljshckjsof87w9” was the exact spelling for the CNAME name, I was just trying to show that I’d taken the bare domain name away from what Amazon gave me. (I wasn’t sure it was a good idea to put the exact CNAME name that Amazon gave - sorry if I’ve confused matters.)
If I perform a nslookup -cname for the name from AWS, I get the following:
primary name server = carmelo.ns.cloudflare.com
responsible mail addr = dns.cloudflare.com
serial = 2036334491
refresh = 10000 (2 hours 46 mins 40 secs)
retry = 2400 (40 mins)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
If this doesn’t help, then your kind suggestion to use a Cloudflare SSL is much appreciated.
Many thanks for your help
I have now imported an SSL cert for *.quickbooksonlineexpert.co.uk and quickbooksonlineexpert.co.uk on the AWS Certificate Manager, but it now seems that I also need to deploy AWS CloudFront in order to get the https in place.
I was hoping to not add further complications, but this seems like I’ll need to research more - I was just after a free hosting and SSL for a small static website, but it looks like AWS Cloudfront is free for 12 months, so I may just need to look for another cheap hosted service anyway
thanks
thanks but can you clarify that last bit please - as I’ve now got an SSL from Cloudflare, how can I check it works on HTTPS before I add it to Cloudflare?
I do appreciate your help - as you can probably tell, this isn’t my main job, I’m just trying to host a free SSL hosted website and it feels like I’m nearly there, but can’t get over the line!
I would pause Cloudflare for now so that everything resolves straight to your server and then you can check if SSL works. Pausing is done on the main Overview screen at the bottom right.
In the meantime, I’ve found a good article online (not sure if the forum rules prefer me to post the URL?) so I’ve now been able to make the necessary changes to get the website serving pages over HTTPS.
I am afraid, unless you blocked port 443, neither server is configured for SSL. They are not even listening on 443. You’ll most likely have an insecure Cloudflare setup.
As I mentioned earlier, you need to make sure your Amazon server has a valid certificate and functions on HTTPS. Keep it paused until that is fixed and unpause it only once it loads fine on HTTPS.
The whole site does not load, not just an invalid certificate.