我正在尝试通过API来创建新的AWS分配,我在其中进行设置:
"ViewerCertificate": {
"CloudFrontDefaultCertificate": true
},
这应该使用默认的CF证书,但是导致出现此错误:
InvalidViewerCertificate
To add an alternate domain name (CNAME) to a CloudFront distribution, you must attach a trusted certificate that validates your authorization to use the domain name.
{
"DistributionConfig": {
"Aliases": {
"Quantity": 2,
"Items": ["www.xxyz.com", "xyz.com"]
},
"DefaultRootObject": "",
"Origins": {
"Quantity": 1,
"Items": [{
"Id": "RJMn5FUTvrqoh-cloudfrontxyz.com",
"DomainName": "chzsgor80ynsme.xyz.com",
"OriginPath": "",
"CustomHeaders": {
"Quantity": 0
},
"CustomOriginConfig": {
"HTTPPort": 80,
"HTTPSPort": 443,
"OriginProtocolPolicy": "http-only",
"OriginSslProtocols": {
"Quantity": 4,
"Items": ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"]
}
}
}]
},
"DefaultCacheBehavior": {
"TargetOriginId": "RJMn5FUTvrqoh-cloudfrontxyz.com",
"ForwardedValues": {
"QueryString": true,
"Cookies": {
"Forward": "all"
},
"Headers": {
"Quantity": 1,
"Items": ["Host"]
}
},
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "allow-all",
"AllowedMethods": {
"Quantity": 7,
"Items": ["HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH"],
"CachedMethods": {
"Quantity": 2,
"Items": ["HEAD", "GET"]
}
},
"SmoothStreaming": false,
"MinTTL": 0,
"DefaultTTL": 3600,
"MaxTTL": 31536000,
"Compress": false
},
"CacheBehaviors": {
"Quantity": 0
},
"CustomErrorResponses": {
"Quantity": 0
},
"Comment": "",
"Logging": {
"Enabled": false,
"Bucket": "",
"Prefix": "",
"IncludeCookies": true
},
"Enabled": true,
"PriceClass": "PriceClass_100",
"ViewerCertificate": {
"CloudFrontDefaultCertificate": true
},
"Restrictions": {
"GeoRestriction": {
"RestrictionType": "none",
"Quantity": 0
}
},
"WebACLId": "",
"CallerReference": "xyz-1555690298"
}
}
这实际上在几周前就有效了,但是可能有所改变。 还是默认证书所允许的分发数量受到限制?
谢谢您的帮助!
答案 0 :(得分:1)
我认为这是因为CloudFront最近发布的消息:
https://forums.aws.amazon.com/ann.jspa?annID=6725
由于您要添加CNAME: “别名”:{ “数量”:2 “项目”:[“ www.xxyz.com”,“ xyz.com”] }