com.amazonaws.services.cloudfront.model.InvalidViewerCertificateException: The certificate that is attached to your distribution doesn't cover the alternate domain name (CNAME) that you're trying to add. For more details, see: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-requirements (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidViewerCertificate; Request ID: 8406d8d5-65c3-11e9-afc0-65457a0a2bea)
我想念什么吗?顶级域的其他发行版使用相同的证书也可以正常工作。
最佳答案
确保您仅尝试获取*.
来匹配单个子域。参见wildcard ssl on sub-subdomain
也就是说*.example.com
将匹配sub1.example.com
和sub2.example.com
,但将不匹配sub2.sub1.example.com
。最后,您不能请求*.*.example.com
的证书。为了匹配最后一种情况,您必须请求*.sub1.example.com
。
关于amazon-web-services - CloudFront上的子域不起作用(证书不被接受),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55811462/