Class SSLMethod
The SSL method CloudFront will use for your distribution.
Inheritance
Namespace: Amazon.CDK.AWS.CloudFront
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public sealed class SSLMethod : Enum
Syntax (vb)
Public NotInheritable Class SSLMethod
Inherits
Enum
Remarks
Server Name Indication (SNI) - is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other service over TLS) to be served by the same IP address without requiring all those sites to use the same certificate.
CloudFront can use SNI to host multiple distributions on the same IP - which a large majority of clients will support.
If your clients cannot support SNI however - CloudFront can use dedicated IPs for your distribution - but there is a prorated monthly charge for using this feature. By default, we use SNI - but you can optionally enable dedicated IPs (VIP).
See the CloudFront SSL for more details about pricing : https://aws.amazon.com/cloudfront/custom-ssl-domains/
ExampleMetadata: lit=aws-cloudfront/test/example.iam-cert-alias.lit.ts infused
Examples
var s3BucketSource = new Bucket(this, "Bucket");
var distribution = new CloudFrontWebDistribution(this, "AnAmazingWebsiteProbably", new CloudFrontWebDistributionProps {
OriginConfigs = new [] { new SourceConfiguration {
S3OriginSource = new S3OriginConfig { S3BucketSource = s3BucketSource },
Behaviors = new [] { new Behavior { IsDefaultBehavior = true } }
} },
ViewerCertificate = ViewerCertificate.FromIamCertificate("certificateId", new ViewerCertificateOptions {
Aliases = new [] { "example.com" },
SecurityPolicy = SecurityPolicyProtocol.SSL_V3, // default
SslMethod = SSLMethod.SNI
})
});
Synopsis
Fields
SNI | |
value__ | |
VIP |
Fields
SNI
value__
public int value__
Field Value
Type | Description |
---|---|
System.Int32 |