通配符子域@AWS route53 的 SSL 证书错误别名为 ELB
SSL certificate error with wildcard subdomain @AWS route53 aliased to an ELB
设置
Route53 记录(*.testing.domain.com) 链接到 ELB(使用 Amazon Certificate Manger 为 *.[=60 颁发的证书) =] 和 domain.com)
ELB 的目标是 运行 nginx 它将传入的请求 proxy_pass (django) 服务器 运行 端口 80xx(例如:127.0.0.1:8099)。
注意:nginx服务器在80和443端口监听请求并且ELB的目标注册在80和443端口.
问题:
我可以访问以下内容:
- http://domain.com
- https://domain.com
- http://any.subdomain.domain.com
我想知道为什么我在尝试访问 https://any.subdomain 时收到 NET::ERR_CERT_COMMON_NAME_INVALID
。domain.com
谢谢
您需要为 *.subdomain.domain.com
申请另一个证书
https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html
*.example.com can protect login.example.com and test.example.com, but it cannot protect test.login.example.com. Also note that *.example.com
protects only the subdomains of example.com, it does not protect the
bare or apex domain (example.com). However, you can request a
certificate that protects a bare or apex domain and its subdomains by
specifying multiple domain names in your request.
设置
Route53 记录(*.testing.domain.com) 链接到 ELB(使用 Amazon Certificate Manger 为 *.[=60 颁发的证书) =] 和 domain.com)
ELB 的目标是 运行 nginx 它将传入的请求 proxy_pass (django) 服务器 运行 端口 80xx(例如:127.0.0.1:8099)。
注意:nginx服务器在80和443端口监听请求并且ELB的目标注册在80和443端口.
问题:
我可以访问以下内容:
- http://domain.com
- https://domain.com
- http://any.subdomain.domain.com
我想知道为什么我在尝试访问 https://any.subdomain 时收到 NET::ERR_CERT_COMMON_NAME_INVALID
。domain.com
谢谢
您需要为 *.subdomain.domain.com
https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html
*.example.com can protect login.example.com and test.example.com, but it cannot protect test.login.example.com. Also note that *.example.com protects only the subdomains of example.com, it does not protect the bare or apex domain (example.com). However, you can request a certificate that protects a bare or apex domain and its subdomains by specifying multiple domain names in your request.