Hi,
I have successfully installed C5 (8.5.5) on an AWS EC2 instance and attempting to utilize an ssl certificate for encryption (using an AWS ACM ssl certificate). In doing so, I believe my issue is that the cached data isn’t being sent to the origin (C5 in this case) correctly. I am utilizing AWS Cloudfront to handle the distribution for the ssl certificate as well I funnel this to Route53 to handle my custom domain.
In C5, I have Canonical URLs set, both are https://. Home page works, login page works, but I get the following error when I attempt to login (below). Login info is correct, but it seems like it’s not being sent through correctly.
“User is not registered. Check your authentication controller.”
Any help or direction would be more than appreciated.
Thank you.
To follow up, it seems that CloudFront was getting in the way. Removed it and now things are working as they should. Well… except for redirects/canonical url. Regular browsers do what they should (redirect to https), but browsers like FireFox Developer don’t automatically. Thus, access to the http version is still available. I haven’t found a work around yet. But with time of the essence, I will look at this later.
If you have any questions, I would be happy to answer. Hope this helps.
This is the add-on you should consider using.
You will need to set-up trusted_proxy.
But CloudFront changes IP periodically.
PortlandLabs made the following add-ons to fetch the IP range and add them to trusted_proxies setting accordingly.
You want to set-up a cron to run its CLI command in the background
thank you. appreciated. I’ll dig into this more.
Hi katz515,
I have a couple of questions.
-
First, am I right to assume that the trusted proxy (dashboard/permissions & access/trusted proxies) for the initial setup will be to manually input the current IP address of my EC2 instance?
-
Could you please link or pass on the name of the PortlandLabs add-on? I couldn’t find it in the C5 community/add-on area. Googled as well.
-
Could you provide more clarity/direction in regards to setting up a cron to run the CLI command. I understand the concept, I just am not sure where to big coding that (or where in EC2).
Either way, thank you so much in advance.
- First, am I right to assume that the trusted proxy (dashboard/permissions & access/trusted proxies) for the initial setup will be to manually input the current IP address of my EC2 instance?
No, for trusted_proxies, as it said, you need to enter the IP addresses of proxy servers. In this case, CloudFront servers.
The current list is available here
https://d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips
- Could you please link or pass on the name of the PortlandLabs add-on? I couldn’t find it in the C5 community/add-on area. Googled as well.
There is a link in my original post. concrete5/cloudfront_proxy is the link.
This forum embed “nice” layout… so it actually made it difficult…
It’s not community github. You need to look at PortlandLabs’s concrete5 github.
- Could you provide more clarity/direction in regards to setting up a cron to run the CLI command. I understand the concept, I just am not sure where to big coding that (or where in EC2).
I have only written the instruction in Japanese.
https://qiita.com/katzueno/items/43b88944642824101173
Please try to use Google Translate or DeepL
Do you know how to set-up /etc/crontab first of all?
Here is the instruction for how to set-up crontab
https://www.cyberciti.biz/faq/how-do-i-add-jobs-to-cron-under-linux-or-unix-oses/
I usually use /etc/crontab way sine I always have root user privilege, and other reason.
But you could use crontab -e option. But you need to make sure that you run as apache or nginx user whichever user that you are running the server as.
Good luck.
Hey Katz,
Thank you so much for all of this. Really appreciate it. I’ll work on this during the week and let you know when it’s up a running.
Thanks again!
1 Like