opattison / olivermakes

Personal archive for Oliver Pattison: writing, photos and projects
https://olivermak.es

Improvement: AWS TLS post #336

Closed michaellee closed 8 years ago

michaellee commented 8 years ago

Hey @opattison, great post for setting up Jekyll on AWS with TLS. I wish I had read it before I dived into moving my site over. I did have a couple of suggestions to improve upon it.

Set Alternate Domain Names (CNAMEs) to the desired domain.

Could you expound on this a little? For example, if I wanted just the bare domain, do I need to also set the CNAME for the www?

Set Viewer Protocol Policy to “Redirect HTTP to HTTPS”.

This is such an essential step and I almost missed it. It is found under the Behaviors tab in the CloudFront dashboard.

Absolutely set Custom SSL Client Support to “Only Clients that Support Server Name Indication (SNI)”.

This is found under the General tab on the CloudFront dashboard.

opattison commented 8 years ago

Thanks for the question! I will address it in the morning, probably with an edit.

opattison commented 8 years ago

Adding some edits that will address these.

First, some answers:

For example, if I wanted just the bare domain, do I need to also set the CNAME for the www?

You only need to set up the CNAME for the URL that you want to point to the Cloudfront distribution. If I want only http://example.com and https://example.com to both point to my Cloudfront distribution, I will set up a CNAME of example.com in a single Cloudfront distribution. If I want http://example.com and https://example.com and http://www.example.com and https://www.example.com to direct to the same single Cloudfront distribution, I will set up two separate Cloudfront distributions, each with its own CNAME set to example.com and www.example.com respectively. The redirect from http://www.example.com and https://www.example.com to https://example.com will both be handled by a redirect in S3 (see following screenshot).

[Screenshot: S3 redirect configuration, 2016-10-12]

This is such an essential step and I almost missed it.

I think I will make this clearer. It’s found in the Behaviors tab after initial configuration, but is also a configuration option when first setting up the Cloudfront distribution.

This is found under the General tab on the CloudFront dashboard.

Yes, I will also explain this better. Same as above: the configuration location in the control panel changes after initial setup.

The confusion here is that the Cloudfront configuration is one big web form when you first set it up, and then three separate web forms in three different tabs after initial configuration. It is definitely complicated. There are reasons for this (primarily: setting defaults and alternate behaviors and origins) which are outside the scope of this post.

opattison commented 8 years ago

@michaellee One other point about CNAMEs: I don’t set up my Cloudfront distributions with both www.example.com and example.com because I don’t want both of them being canonical. If someone does type in www.olivermak.es, I want them to go to one single domain (olivermak.es). The same would be true if I wanted the inverse case, with www. as the canonical domain.

In the case of google.com, typing in any variation of google.com or www.google.com with any protocol always resolves to https://www.google.com. This consistency is the goal, regardless of whether the canonical domain has a www or not.

Your personal website already has this behavior too, so I’m sorry if this explanation is pedantic!
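The two comments above describe four settings that are easy to miss in the CloudFront and S3 consoles: the Alternate Domain Name (CNAME) on the distribution, Viewer Protocol Policy set to redirect HTTP to HTTPS, Custom SSL Client Support set to SNI only, and the S3 website redirect that sends the non-canonical host (www) to the canonical one over HTTPS. The following is an added example, not code from the post or this thread: a small audit that checks configuration dicts shaped like the ones boto3's `get_distribution_config()` and `get_bucket_website()` return and reports each deviation. The sample configs are constructed here (the ACM certificate ARN is a placeholder), so the script runs offline without an AWS account.

```python
"""Audit CloudFront distribution configs and an S3 redirect bucket for the
settings discussed in this thread (CNAME alias, HTTP->HTTPS redirect, SNI-only
custom SSL, canonical-host redirect). Added example; the dict shapes follow
boto3's cloudfront.get_distribution_config()["DistributionConfig"] and
s3.get_bucket_website(), but the values are constructed sample data."""
from typing import Dict, List

# Constructed sample: the canonical-domain distribution, set up as the post recommends.
GOOD_DISTRIBUTION: Dict = {
    "Aliases": {"Quantity": 1, "Items": ["example.com"]},
    "DefaultCacheBehavior": {"ViewerProtocolPolicy": "redirect-to-https"},
    "CacheBehaviors": {"Quantity": 0, "Items": []},
    "ViewerCertificate": {
        # Placeholder ARN, not a real certificate.
        "ACMCertificateArn": "arn:aws:acm:us-east-1:000000000000:certificate/PLACEHOLDER",
        "SSLSupportMethod": "sni-only",
    },
}

# Constructed sample: the "almost missed it" state after accepting console defaults.
WEAK_DISTRIBUTION: Dict = {
    "Aliases": {"Quantity": 0, "Items": []},
    "DefaultCacheBehavior": {"ViewerProtocolPolicy": "allow-all"},
    "CacheBehaviors": {"Quantity": 0, "Items": []},
    "ViewerCertificate": {"CloudFrontDefaultCertificate": True},
}

# Constructed sample: website config of the www bucket that only redirects.
WWW_REDIRECT_BUCKET: Dict = {
    "RedirectAllRequestsTo": {"HostName": "example.com", "Protocol": "https"},
}


def audit_distribution(dist: Dict, expected_alias: str) -> List[str]:
    """Return human-readable findings; an empty list means the distribution
    matches the thread's recommendations for `expected_alias`."""
    findings: List[str] = []

    aliases = dist.get("Aliases", {}).get("Items", [])
    if expected_alias not in aliases:
        findings.append(
            f"alternate domain name (CNAME) {expected_alias!r} not set; aliases={aliases}"
        )

    # Every behavior (default plus any path-specific ones) must refuse plain HTTP.
    behaviors = [dist.get("DefaultCacheBehavior", {})]
    behaviors += dist.get("CacheBehaviors", {}).get("Items", [])
    for index, behavior in enumerate(behaviors):
        policy = behavior.get("ViewerProtocolPolicy")
        if policy not in ("redirect-to-https", "https-only"):
            findings.append(
                f"behavior {index}: ViewerProtocolPolicy is {policy!r}; plain HTTP is served"
            )

    cert = dist.get("ViewerCertificate", {})
    if cert.get("CloudFrontDefaultCertificate"):
        findings.append(
            "using the default *.cloudfront.net certificate; TLS on the custom domain will fail"
        )
    elif cert.get("SSLSupportMethod") != "sni-only":
        findings.append(
            f"SSLSupportMethod is {cert.get('SSLSupportMethod')!r}; expected 'sni-only'"
        )
    return findings


def audit_redirect_bucket(website: Dict, canonical_host: str) -> List[str]:
    """Check that the non-canonical (e.g. www) bucket only redirects, and that it
    redirects to the canonical host over HTTPS rather than serving content."""
    target = website.get("RedirectAllRequestsTo")
    if not target:
        return ["bucket does not redirect all requests; the non-canonical host serves content"]
    findings: List[str] = []
    if target.get("HostName") != canonical_host:
        findings.append(
            f"redirect target is {target.get('HostName')!r}, not canonical {canonical_host!r}"
        )
    if target.get("Protocol") != "https":
        findings.append("redirect target protocol is not https; adds a plaintext hop")
    return findings


if __name__ == "__main__":
    for name, dist in (("good", GOOD_DISTRIBUTION), ("weak", WEAK_DISTRIBUTION)):
        print(name, audit_distribution(dist, "example.com") or "OK")
    print("www bucket", audit_redirect_bucket(WWW_REDIRECT_BUCKET, "example.com") or "OK")
```

Run against a live account by replacing the constructed dicts with the `DistributionConfig` and website dicts boto3 returns; the checks themselves do not change. The redirect check insists on `https` because a redirect to `http://example.com` followed by CloudFront's HTTP-to-HTTPS redirect still exposes one plaintext request.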

opattison commented 8 years ago

@michaellee Let me know if #337 addresses your improvement suggestions.

“Live” pre-release version is at https://dev.olivermak.es/2016/01/aws-tls-certificate-with-jekyll/ if you don’t want to have to pull my changes to see the result.

opattison commented 8 years ago

Merged the changes in #337.

This feedback was excellent! Let me know if I missed anything.