Friday, 25 September 2015

How to make AWS CloudFront always connect to the origin over HTTPS, even though the viewer is requesting CloudFront over HTTP

I am using an AWS CloudFront service. I also have an origin running on 1111. If CloudFront doesn't have the requested data, it connects to the origin at 1111 and gets it. Everything works fine when I keep origin protocol policy: HTTP Only and my origin runs on pure HTTP.

Now I want to enable HTTPS on my origin, on the same port, i.e. 1111. I want CloudFront to always connect to the origin over HTTPS, though the viewer connects to it over HTTP/HTTPS. I changed origin protocol policy: Match Viewer. When a user connects to CloudFront over HTTPS, things work. But when a user connects over HTTP, the origin (nginx) gives 400 Bad Request. To tackle this I might need to listen on HTTP in the origin. But I want to avoid using two different ports for the origin.

I also tried setting the CloudFront behavior to always redirect to HTTPS. But it redirects to a URL with the origin as host name and things fail.

What is the preferred way of achieving this behavior?

Thanks.
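An added example, not part of the original post: an audit over a distribution config that lists every cache behavior through which CloudFront can reach a custom origin over plaintext HTTP, and whether that traffic lands on the same port as the TLS listener, the combination behind the 400 described above. The sample JSON, origin id and host name are constructed placeholders; the field names and policy values follow the CloudFront DistributionConfig structure.

```python
import json

# Constructed sample shaped like `aws cloudfront get-distribution-config` output.
SAMPLE = json.loads("""
{"DistributionConfig": {
  "Origins": {"Items": [
    {"Id": "app-origin", "DomainName": "origin.example.com",
     "CustomOriginConfig": {"HTTPPort": 1111, "HTTPSPort": 1111,
                            "OriginProtocolPolicy": "match-viewer"}}]},
  "DefaultCacheBehavior": {"TargetOriginId": "app-origin",
                           "ViewerProtocolPolicy": "allow-all"},
  "CacheBehaviors": {"Items": [
    {"PathPattern": "/secure/*", "TargetOriginId": "app-origin",
     "ViewerProtocolPolicy": "https-only"}]}
}}
""")

def origin_protocols(origin_policy, viewer_policy):
    """Protocols CloudFront may use towards the origin for one behavior."""
    if origin_policy == "http-only":
        return {"http"}
    if origin_policy == "https-only":
        return {"https"}
    # match-viewer: the origin sees whatever the viewer was allowed to use
    if viewer_policy == "allow-all":
        return {"http", "https"}
    return {"https"}  # viewer policy https-only or redirect-to-https

def audit(config):
    """Return (behavior, origin id, HTTP port, shares TLS port) per finding."""
    dist = config["DistributionConfig"]
    origins = {o["Id"]: o for o in dist["Origins"]["Items"]}
    behaviors = [("default", dist["DefaultCacheBehavior"])]
    for b in dist.get("CacheBehaviors", {}).get("Items", []):
        behaviors.append((b["PathPattern"], b))
    findings = []
    for name, b in behaviors:
        custom = origins[b["TargetOriginId"]].get("CustomOriginConfig")
        if custom is None:  # S3 origin: no origin protocol policy to check
            continue
        protos = origin_protocols(custom["OriginProtocolPolicy"],
                                  b["ViewerProtocolPolicy"])
        if "http" in protos:
            findings.append((name, b["TargetOriginId"], custom["HTTPPort"],
                             custom["HTTPPort"] == custom["HTTPSPort"]))
    return findings

if __name__ == "__main__":
    for name, origin, port, clash in audit(SAMPLE):
        print(f"{name}: plaintext HTTP to {origin}:{port}", "(shares TLS port)" if clash else "")
```

An empty result means no behavior lets CloudFront talk to a custom origin over plaintext HTTP.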



