Set up Your Domain with CloudFront

From @jayair on Mon Apr 10 2017 01:09:34 GMT+0000 (UTC)

Link to chapter -

Copied from original issue:

From @jeffthefate on Wed Sep 13 2017 15:34:34 GMT+0000 (UTC)

I’m not sure if this was just because I had to move a domain from one AWS account to another, but my domain and hosted zone didn’t have the same name servers. Once I synced those up, everything was magic.

1 Like

From @jayair on Wed Sep 13 2017 18:55:33 GMT+0000 (UTC)

@jeffthefate Thanks for leaving a note. I’m not sure if that’s the issue but it might help some other folks.

From @littleredshack on Mon Dec 11 2017 06:42:39 GMT+0000 (UTC)

Small update. When I start this section on Creating Hosted Zones I get the following screen:

Then I click on Create Hosted Zone and I get:

So I fill in the right hand form and click Create:

From @jayair on Mon Dec 11 2017 13:47:21 GMT+0000 (UTC)

@littleredshack Thanks for the comment and the screenshots. I added a small note to the chapter about it.

From @littleredshack on Tue Dec 12 2017 05:43:33 GMT+0000 (UTC)

Stuck on this one guys. I have set DNS servers the same for domain and hosted zone as per comment above.

After I make this DNS change do I need to wait 24 hours or something? I did get an email from AWS confirming that the DNS server entries had been changed. But when I try to open a browser to my domain I get:

Not sure if you’re still having issues - pro tip is to create an account to post in the AWS forums and post your question there, they have engineers looking at all the questions and can take a look at things from the backend to help you troubleshoot. I posted there and got help within an hour.

1 Like

Could you give me pointers on how to configure this on a domain I already own?

I own a domain on OVH and want to serve the app on a subdomain. I’ve created a redirection in the OVH console but that doesn’t seem to be enough.

I know you can transfer the domain to Route 53 but in this case you want to use a subdomain. It’s a bit more complicated for that. I think this doc helps with that:

If you come across the following error after entering a CNAME and clicking Yes, Edit then the info below may help you out.
Scroll back up and click Request or Import a Certificate with ACM and go through the steps to obtain a certificate. It took about 15 minutes to get mine from Amazon. I did purchase a domain from Route 53.

Once the certificate manager states “Issued” then head back to the CloudFront distribution settings and add in the CNAME and select “Custom SSL Certificate (”. If this is greyed out simply log out of AWS and log back in and head back to CloudFront. You should be able to select this option when you log back in. Then click on the empty field right above the button Request or Import a Certificate with ACM. This should automatically list the certificate that was created. Select it and scroll down and select Yes, Edit.

Link to what was referenced in the image.


Appreciate the feedback.

Anyone is here…?

I got this error after following this chapter and tried to open the domain name I purcahsed from Rout 53…anyone can help?

Network Error (dns_server_failure)
Your request could not be processed because an error occurred contacting the DNS server.
The DNS server may be temporarily unavailable, or there could be a network problem.
For assistance, contact your network support team.

Are you still getting this error? New domains can take some time to propagate.

I tried to follow this with a domain registered on Namecheap. I have an issued certificate in AWS Certificate Manager after verifying my domain ownership.

The issue, as posted by @mikeyamato, is that I cant use a Default CloudFront Certificate, I assume because the domain wasn’t bought via AWS?

Anyway, I cant use a custom SSL Certificate either (as @mikeyamato mentioned its greyed out) however it isn’t ever becoming “not greyed out” even though I had my certificate issued 4 or so days ago.

Is there something I am missing when using a domain from Namecheap?

Update: I worked out the above:

Its because CloudFront can only talk to a Certificate from the Virginia region (see this)

Therefore, I had to recreate a Certificate on the Virginia region and use this to then follow the steps in the guide.

Hope that helps people.

1 Like

Hey Alex,

Great troubleshooting steps. Glad to hear you figured it out.

1 Like

+1 - I had to create the SSL certs before creating the Cloudfront distribution otherwise I got that error message. I had to add the certs during the Cloudfront creation flow.

1 Like