Wednesday, June 7, 2017

ssl certificate - Redirecting .app domain to Amazon S3 bucket (SSL)




I'm currently hosting a static website on an Amazon s3 bucket (i.e. https://s3.eu-east-2.amazonaws.com/MyApp/index.html) and I have recently bought an .app domain which I would like to redirect to the bucket (i.e. myapp.app).
I have configured the DNS in order to perform a redirection with masking, but when I insert it in my browser it get marked as unsafe.
Apparently the .app domains always require an SSL certificate. Do I need a separate certificate even if I'm redirecting to a website supporting an SSL connection?


Answer



Yes, the whole .APP TLD is added in the HSTS preloading list, used by all major browsers. So no browser will do an HTTP query to a .APP domain name they will all first and only do an HTTPS query.



This specific point should have been highlighted to you by your registrar when you brought the .APP domain name as this was to be enforced by Google contract with your registrar.



So whatever you point your website to needs to respond correctly on port 443.




See this other answer from me for all the details on .APP, TLS and HSTS: https://stackoverflow.com/a/50258651/6368697


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...