I am using AWS EC2 to host my WP site having cyberpanel (Litespeed Ent and LScache plugin). Using free Let's SSL certificate (certbot).
I tried to activate AWS CloudFront CDN on my site but I am getting the following errors:
- SSL_ERROR_NO_CYPHER_OVERLAP in Firefox
- ERR_SSL_VERSION_OR_CIPHER_MISMATCH in Chrome
Below is a screenshot of my various settings
I am using Public DNS as my origin domain
Generated the SSL in AWS certificate and applied here. Added cdn.domain.tld as alternate domain name and added it as CNAME pointing to distribution in Route 53
Default Cache Behavior Setting
I am not sure what I am doing wrong here?
Note: I have TLS v1.3 enabled in my Litespeed
cdn... ... but is that the domain name you're typing into the browser when you get this error? – Michael - sqlbot
example.com and you point that name to CloudFront in Route 53, but in CloudFront you have only cdn.example.com configured as Alternate Domain Name, the SSL error is expected because your browser connects to CloudFront and tries to negotiate SSL for a hostname that you didn't configure in the Alternate Domain Name settings... so CloudFront essentially "pretends" to be unable to negotiate SSL (resulting in that error) since it sees the traffic as invalid/nonsensical. – Michael - sqlbot
cdn.example.com and pointed it to dxxxxxxxxxx.cloudfront.net. Then I edited the A record for example.com and made it Alias pointing to dxxxxxxxxxx.cloudfront.net (Removed the IP address of EC2 instance). My example.com domain has Let's SSL certificate generated from certbot on EC2. While I also generated SSL in AWS certificate Manager and added it to Cloudfront (as shown in image above). Am I missing something? – sanjay ojha
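
The condition described in the comments above (a hostname pointed at the distribution in DNS but not listed in its Alternate Domain Names) can be checked before changing records. The following is an added example, not part of the original thread: `covers` and `audit` are hypothetical helper names, the sample values are constructed, and both the wildcard rule (one leftmost label, as in certificate name matching) and the certificate's name list are assumptions.

```python
def covers(pattern, host):
    """True if pattern (exact name or leading wildcard '*.example.com') covers host."""
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if pattern.startswith("*."):
        # Assumption: the wildcard stands for exactly one leftmost label,
        # as in X.509 certificate name matching.
        head, _, tail = host.partition(".")
        return bool(head) and tail == pattern[2:]
    return pattern == host


def audit(dns_names, aliases, cert_names):
    """For each hostname whose DNS record targets the distribution, list what is missing."""
    report = {}
    for host in dns_names:
        problems = []
        if not any(covers(a, host) for a in aliases):
            problems.append("not an alternate domain name")
        if not any(covers(c, host) for c in cert_names):
            problems.append("not covered by certificate")
        report[host] = problems
    return report


# Constructed sample mirroring the setup in the thread: both names point at
# the distribution, but only cdn.example.com is configured on it.
DNS_TO_DISTRIBUTION = ["cdn.example.com", "example.com"]
ALIASES = ["cdn.example.com"]
CERT_NAMES = ["cdn.example.com"]  # assumed; the thread does not list the certificate's names

if __name__ == "__main__":
    result = audit(DNS_TO_DISTRIBUTION, ALIASES, CERT_NAMES)
    for host, problems in result.items():
        status = "ok" if not problems else "; ".join(problems)
        print(f"{host}: {status}")
```

Any hostname reported with a problem is one for which browsers would show the handshake errors quoted in the question.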