I have seen many posts on this topic, but I have not been able to resolve the issue, so I am posting my setup in case anyone knows what needs to be changed.
I have a domain purchased through Namecheap. I have set custom DNS and added 4 name servers generated by the hosted zone in AWS Route 53. DNS lookup through whois.net shows the correct values.
In Route 53, I have added an A record to the Alias Target xxxxxxxxxxxxxx.cloudfront.net.
So the traffic hits Route 53 and goes to CloudFront. In CloudFront, I have one distribution. As Alternate Domain Names (CNAMEs), I have the following values:
- *.domain.com
- www.domain.com
- domain.com
Under origins, I have one record with the following Origin Domain Name:
- domain.com.s3-website.az-name-1.amazonaws.com
I am hosting the website in an S3 bucket. All HTTP requests are set to redirect to HTTPS.
Lastly, I have created and verified a single certificate for the following domain names:
domain.com, www.domain.com, *.domain.com
I have read some answers that I should just wait and the custom SSL certificate option will become enabled. It's been more than a day now, however, and there is no sign of that happening.
My website works, but the misconfigured certificate (using the default *.cloudfront.net) throws a warning popup in Safari, and worse, a warning page in Chrome which most people are not going to bypass.
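
Why the default certificate triggers those browser warnings, shown as an added example that is not part of the original post: a simplified version of the hostname check browsers apply to a certificate's DNS names (wildcard as the whole leftmost label, matching exactly one label). The function names are hypothetical, and the hostnames are the post's own placeholders plus two constructed subdomains.

```python
# Added example: simplified hostname-vs-certificate matching.
# Not a full RFC 6125 implementation (no IDN or public-suffix handling).

def _labels(name):
    """Lower-case a DNS name, drop a trailing dot, split into labels."""
    return name.rstrip(".").lower().split(".")

def san_matches(hostname, pattern):
    """True if one certificate DNS name (pattern) covers hostname."""
    host, pat = _labels(hostname), _labels(pattern)
    if len(host) != len(pat):
        # A wildcard stands for exactly one label, so counts must agree.
        # This is why *.domain.com does not cover the apex domain.com.
        return False
    if pat[0] == "*":
        # Wildcard honoured only as the entire leftmost label, and not
        # directly under a top-level domain (e.g. "*.com" is refused).
        return len(pat) > 2 and host[0] != "" and host[1:] == pat[1:]
    return host == pat

def cert_covers(hostname, dns_names):
    """True if any DNS name on the certificate covers hostname."""
    return any(san_matches(hostname, p) for p in dns_names)

# Names taken from the post (placeholders as written there).
DEFAULT_CERT = ["*.cloudfront.net"]
CUSTOM_CERT = ["domain.com", "www.domain.com", "*.domain.com"]

def report(hostnames, dns_names):
    """Map each hostname to whether the certificate covers it."""
    return {h: cert_covers(h, dns_names) for h in hostnames}

if __name__ == "__main__":
    hosts = [
        "domain.com",
        "www.domain.com",
        "shop.domain.com",    # constructed subdomain
        "a.b.domain.com",     # constructed two-level subdomain
        "xxxxxxxxxxxxxx.cloudfront.net",
    ]
    for label, names in (("default", DEFAULT_CERT), ("custom", CUSTOM_CERT)):
        print(label, report(hosts, names))
```

Running the same comparison against the names a live endpoint actually presents shows which certificate the distribution is serving.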