gadams999
commented
4 years ago The error is due to the certificate not being in the us-east-1 region. This is a requirement for CloudFront distributions using HTTPS. Closing this out as we're tracking in issue #11 this and the potential OAI changes.
I am trying to create the environment of the workshop in eu-central-1. Fixed some issues in cdk_app.py and static_site_construct.py (listed in an other issue). The application starts to create the stack however it fails with this error message:
28/99 | 3:32:46 PM | CREATE_FAILED | AWS::CloudFront::Distribution | StaticSite/SiteDistribution/CFDistribution (StaticSiteSiteDistributionCFDistribution500D676B) The specified SSL certificate doesn't exist, isn't in us-east-1 region, isn't valid, or doesn't include a valid certificate chain. (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidViewerCertificate; Request ID: 118a47d5-6e62-43ec-9ef8-74f18170b8a1) new CloudFrontWebDistribution (/tmp/jsii-kernel-8eVR2P/node_modules/@aws-cdk/aws-cloudfront/lib/webdistribution.js:338:30) \ obj._wrapSandboxCode (/home/ec2-user/environment/connected-drink-dispenser-workshop/deploy/.env/lib/python3.6/dist-packages/jsii/embedded/jsii/jsii-runtime.js:7761:49) \ Kernel._wrapSandboxCode (/home/ec2-user/environment/connected-drink-dispenser-workshop/deploy/.env/lib/python3.6/dist-packages/jsii/embedded/jsii/jsii-runtime.js:8221:20) \ Kernel._create (/home/ec2-user/environment/connected-drink-dispenser-workshop/deploy/.env/lib/python3.6/dist-packages/jsii/embedded/jsii/jsii-runtime.js:7761:26) \ Kernel.create (/home/ec2-user/environment/connected-drink-dispenser-workshop/deploy/.env/lib/python3.6/dist-packages/jsii/embedded/jsii/jsii-runtime.js:7508:21) \ KernelHost.processRequest (/home/ec2-user/environment/connected-drink-dispenser-workshop/deploy/.env/lib/python3.6/dist-packages/jsii/embedded/jsii/jsii-runtime.js:7296:28) \ KernelHost.run (/home/ec2-user/environment/connected-drink-dispenser-workshop/deploy/.env/lib/python3.6/dist-packages/jsii/embedded/jsii/jsii-runtime.js:7236:14) \ Immediate.setImmediate [as _onImmediate] (/home/ec2-user/environment/connected-drink-dispenser-workshop/deploy/.env/lib/python3.6/dist-packages/jsii/embedded/jsii/jsii-runtime.js:7239:37) _ runCallback (timers.js:705:18) _ tryOnImmediate (timers.js:676:5) \ processImmediate (timers.js:658:5)
I assume the problem is that it tries to use the ssl certificate in us-east-1 which is available in eu-central-1. I configured Region=eu-central-1 in config.json and fixed the constant in cdk_app.py. I cannot find any other occurence of "us-east-" in the sources but the application seems to get this information from somewhere.