The certificate returned from the origin must cover the domain that you specified for Origin Domain Name for the corresponding origin in your distribution. In addition, if you configured CloudFront to forward the Host header to your origin, the origin must respond with a certificate matching the domain in the Host header.
I am currently using allow_domain to control which certs are generated and request_domain to return the origin cert in certain cases. However, I do not see a hook for specifying which domains are requested for the certificate. Is there any way to specify an additional domain to include in the certificate?
I am trying to request certificates with auto-ssl for use behind Cloudfront for some domains. Cloudfront requires ssl certificate to cover the origin domain name plus the domain requested via the host header.
I am currently using
allow_domainto control which certs are generated andrequest_domainto return the origin cert in certain cases. However, I do not see a hook for specifying which domains are requested for the certificate. Is there any way to specify an additional domain to include in the certificate?