Your www
site is pointing directly to an S3 bucket web site hosting endpoint, which is taking care of the redirect to the domain name without the www
prefix.
The S3 website endpoints do not support HTTPS, so this works for http only.
Your solution is to create a second CloudFront distribution -- you need an additional one, because the second one has a different origin. Configure this distribution with your SSL certificate, configured to expect the www hostname as an alternative name, and set its origin to the www bucket -- however, when you are setting up this second CloudFront distribution, do not select the name of your bucket from the list. Instead, enter the website endpoint hostname -- www.migranthire.com.s3-website-eu-west-1.amazonaws.com
. Set the origin protocol to HTTP only (CloudFront has to send the request to the bucket as HTTP even if the viewer protocol is HTTPS. You still get a green lock.)
Then, configure Route 53 to send www requests to the new CloudFront distribution, instead of directly to the bucket. CloudFront will speak SSL, sent the request to S3, which will return the redirect, as it is doing now.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…