I want to do the following and I’m not sure how to achieve it.
I own two domains, example.com and example.com.ar; my intention is to have example.com.ar resolve to example.com.
Context:
example.com is registered via Route 53 with AWS and the DNS is managed using a Hosted Zone there.
example.com’s site is hosted using an S3 bucket and served using CloudFront. I have in Route 53 an A record (with an alias) to the CloudFront distribution.
example.com has SSL enabled using a certificate from AWS ACM.
I registered example.com.ar and have delegated DNS resolution to Cloudflare DNS.
I have added a CNAME record from example.com.ar to example.com in Cloudflare, but I get a 403 error when navigating.
Any idea if what I want to achieve is possible and/or what I am doing wrong/missing?
Your content should only be available under one domain name. If you want that site to be example.com.ar, then configure the site that way. That’s why you’re getting the 403.
And then redirect example.com over to example.com.ar:
For future reference, I managed to solve this, in case anyone faces the same problem.
How I solved the TLS error:
I had to change the minimum TLS version to 1.2
I had to disable the TLS 1.3 required
Connection type had to be Flexible
How I managed to solve the DNS resolution:
I issued an SSL certificate using AWS ACM for the following FQDNs: example.com, *.example.com, example.com.ar, and *.example.com.ar. Using DNS verification, I added the required records on Route 53 for example.com and on Cloudflare for example.com.ar.
I added the new CNAMEs example.com.ar and *.example.com.ar to the CloudFront distribution and changed the SSL cert. to the newly issued one.
You should not use Flexible. It misrepresents to your visitors that their traffic is encrypted when you are actually sending unencrypted HTTP requests between Cloudflare and your origin. The right solution is to fix your encryption setup between your origin and Cloudflare, and use Full (Strict).
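Added example (not code from any poster in this thread): a small offline check of the two conditions discussed above, namely that the hostname is listed as an alternate domain name (CNAME) on the CloudFront distribution and that it is covered by a name on the ACM certificate, which is what Full (Strict) validates. The BEFORE/AFTER data is constructed from the thread's description, check_host and covers are hypothetical helpers, and applying the one-label wildcard rule to distribution aliases as well as certificate names is a simplifying assumption.

```python
# Added example with constructed data; not the poster's actual configuration.

def covers(pattern: str, hostname: str) -> bool:
    """True if a certificate SAN (or alias) pattern covers hostname.

    A leading '*.' stands for exactly one left-most label, so
    '*.example.com.ar' covers 'www.example.com.ar' but not the apex.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == hostname
    suffix = pattern[1:]                      # e.g. ".example.com.ar"
    if not hostname.endswith(suffix):
        return False
    label = hostname[: -len(suffix)]
    return label != "" and "." not in label


def check_host(hostname, aliases, cert_sans):
    """Return the list of problems a client using hostname would hit."""
    problems = []
    if not any(covers(a, hostname) for a in aliases):
        problems.append("not an alternate domain name on the distribution")
    if not any(covers(s, hostname) for s in cert_sans):
        problems.append("not covered by the certificate (fails Full (Strict))")
    return problems


# Constructed "before" and "after" states following the thread.
BEFORE = {"aliases": ["example.com"],
          "cert_sans": ["example.com", "*.example.com"]}
AFTER = {"aliases": ["example.com", "example.com.ar", "*.example.com.ar"],
         "cert_sans": ["example.com", "*.example.com",
                       "example.com.ar", "*.example.com.ar"]}

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        for host in ("example.com.ar", "www.example.com.ar"):
            print(name, host, check_host(host, **cfg) or "ok")
```

The apex example.com.ar is not covered by *.example.com.ar, which is why both names appear on the certificate and on the distribution.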