Otdfbt

Does ls -R make any sense with -d?

Why is Ni[(PPh₃)₂Cl₂] tetrahedral?

How to make Flex Markers appear in Logic Pro X?

Can diplomats be allowed on the flight deck of a commercial European airline?

What is the required burn to keep a satellite at a Lagrangian point?

nginx conf: http2 module not working in Chrome in ubuntu 18.04

Can someone get a spouse off a deed that never lived together and was incarcerated?

A nasty indefinite integral

Ribbon Cable Cross Talk - Is there a fix after the fact?

What defines a person who is circumcised "of the heart"?

Ways to spot non-sentient, non-conscious, telepathic shapeshifters

How to become an Editorial board member?

How can I reduce the size of matrix?

Writing "hahaha" versus describing the laugh

Why starbase in not connected to the Trade Network?

Which are the advantages/disadvantages of includestandalone?

Team member is vehemently against code formatting

size of pointers and architecture

Caught with my phone during an exam

What pc resources are used when bruteforcing?

why "American-born", not "America-born"?

Download app bundles from App Store to run on iOS Emulator on Mac

Find this Unique UVC Palindrome ( ignoring signs and decimal) from Given Fractional Relationship

Why is the Psionic Artificer considered to be better than all other tier 1 classes?

https download file with custom S3 URL

nginx HTTPS serving with same config as HTTPHandling http and https requests using a single port with nginxIn Nginx, how can I rewrite all http requests to https while maintaining sub-domain?IIS website http ok but https cannot find resource (status code 404)DNS to an Amazon S3 bucket suddenly stopped workingIs it possible to do client certificate authentication without running HTTPS on a webserver?“Securely” download a file over https without using authenticationRedirect HTTP to HTTPs using .htaccess and mod_rewriteDisable HTTPS for one of two name-based websites, hosted on one IP addressWhat AWS service to avoid CORS issues with S3 static content and aws backends

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;

-1

I believe the following question should be asked here and not @Super User.

My web application is using S3 for users to download files. Prior customizing the url, files were downloaded from S3 with this url scheme:

https://mybucket.s3-website-us-west-1.amazonaws.com/file.zip

I wanted to hide from the users that i am using S3 for my files, so i made a new CName (files.mydomain.com) at my DNS panel with the value S3.amazonaws.com .

Now the url is http://files.mydomain.com/file.zip .

My question is since the file is hosted at S3 (which by default uses https://) are still the files downloaded via secure http? Note that i am using http for my subdomain.

I hope i made it clear.

Thanks

https amazon-s3

share|improve this question

edited Aug 21 '14 at 7:02

MadHatter

70.8k11147207

asked Aug 21 '14 at 6:40

Theodoros80Theodoros80

1073

add a comment | 

-1

I believe the following question should be asked here and not @Super User.

My web application is using S3 for users to download files. Prior customizing the url, files were downloaded from S3 with this url scheme:

https://mybucket.s3-website-us-west-1.amazonaws.com/file.zip

I wanted to hide from the users that i am using S3 for my files, so i made a new CName (files.mydomain.com) at my DNS panel with the value S3.amazonaws.com .

Now the url is http://files.mydomain.com/file.zip .

My question is since the file is hosted at S3 (which by default uses https://) are still the files downloaded via secure http? Note that i am using http for my subdomain.

I hope i made it clear.

Thanks

https amazon-s3

share|improve this question

edited Aug 21 '14 at 7:02

MadHatter

70.8k11147207

asked Aug 21 '14 at 6:40

Theodoros80Theodoros80

1073

add a comment | 

I believe the following question should be asked here and not @Super User.

My web application is using S3 for users to download files. Prior customizing the url, files were downloaded from S3 with this url scheme:

https://mybucket.s3-website-us-west-1.amazonaws.com/file.zip

I wanted to hide from the users that i am using S3 for my files, so i made a new CName (files.mydomain.com) at my DNS panel with the value S3.amazonaws.com .

Now the url is http://files.mydomain.com/file.zip .

My question is since the file is hosted at S3 (which by default uses https://) are still the files downloaded via secure http? Note that i am using http for my subdomain.

I hope i made it clear.

Thanks

https amazon-s3

share|improve this question

edited Aug 21 '14 at 7:02

MadHatter

70.8k11147207

asked Aug 21 '14 at 6:40

Theodoros80Theodoros80

1073

https://mybucket.s3-website-us-west-1.amazonaws.com/file.zip

share|improve this question

edited Aug 21 '14 at 7:02

MadHatter

70.8k11147207

asked Aug 21 '14 at 6:40

Theodoros80Theodoros80

1073

share|improve this question

edited Aug 21 '14 at 7:02

MadHatter

70.8k11147207

asked Aug 21 '14 at 6:40

Theodoros80Theodoros80

1073

edited Aug 21 '14 at 7:02

MadHatter

70.8k11147207

edited Aug 21 '14 at 7:02

MadHatter

70.8k11147207

asked Aug 21 '14 at 6:40

Theodoros80Theodoros80

1073

asked Aug 21 '14 at 6:40

Theodoros80Theodoros80

1073

3 Answers
3

active

oldest

votes

3

No, your files are not being downloaded via https, since your link is with http.

What you need to do is to put your S3 bucket behind CloudFront. In CloudFront, you have the ability to upload a custom SSL certificate to use with your CNAME (and it is free for SNI-based SSL).

share|improve this answer

answered Aug 21 '14 at 6:54

Florin AsăvoaieFlorin Asăvoaie

6,3641733

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  So i am loosing the https functionality with my custom url. :( That's no good. Thanks.
  
  – Theodoros80
  Aug 21 '14 at 6:56
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Why not use CloudFront? It is not expensive at all and if you set it to cache the files from S3, the speed is MUCH better for CloudFront.
  
  – Florin Asăvoaie
  Aug 21 '14 at 7:07
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Well,to be honest, i haven't looked at CF at all and i don't what learning-curve has..
  
  – Theodoros80
  Aug 21 '14 at 7:10
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Takes 15 minutes to set it up in front of S3, including reading the doc on how to do it. :)
  
  – Florin Asăvoaie
  Aug 21 '14 at 7:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I think this will solve my problem, although will take more than 15 minutes :) bryce.fisher-fleig.org/blog/…
  
  – Theodoros80
  Aug 21 '14 at 7:19
  

  
  
  
  

add a comment | 

0

Well a CNAME doesnt change anything. Client is still connecting to the IP, not the name. Though im surprised that CNAME'ing just works, without having to add the new name to the server.

Is the connection HTTPS? Who knows. You may be redirected from HTTP to HTTPS or you may not. Impossible to say really without an actually download link to test with.

You can test with wget on a linux commandline.

wget http://files.mydomain.com/file.zip

and see if you get redirected to https before download.

share|improve this answer

answered Aug 21 '14 at 6:59

thelogixthelogix

37917

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I'll check it.thnks
  
  – Theodoros80
  Aug 21 '14 at 6:59
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Oh yeah.. @FlorinAsavoaie points out the certificate issue too. If you were to download from a browser using your new url and you got redirected to HTTPS, you'd get a certificate warning, since you didnt give amazon a certificate for you hostname.
  
  – thelogix
  Aug 21 '14 at 7:01
  

  
  
  
  

add a comment | 

-1

try this

wget --no-check-certificate --no-proxy --user=username --ask-password -O "downlod url "

share|improve this answer

answered May 8 at 10:31

DinoDino

1

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  There's a reason if https uses certificates to check the server identity. Skipping the certificate check is bad practice, and must never be done in production environments. If you do this, any man-in-the-middle attack would go undetected (so someone that can see and modify the packets between the client and the server can eavesdrop on the connection and worse even modify it).
  
  – Ale
  May 8 at 12:48
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f622955%2fhttps-download-file-with-custom-s3-url%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

3

No, your files are not being downloaded via https, since your link is with http.

What you need to do is to put your S3 bucket behind CloudFront. In CloudFront, you have the ability to upload a custom SSL certificate to use with your CNAME (and it is free for SNI-based SSL).

share|improve this answer

answered Aug 21 '14 at 6:54

Florin AsăvoaieFlorin Asăvoaie

6,3641733

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  So i am loosing the https functionality with my custom url. :( That's no good. Thanks.
  
  – Theodoros80
  Aug 21 '14 at 6:56
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Why not use CloudFront? It is not expensive at all and if you set it to cache the files from S3, the speed is MUCH better for CloudFront.
  
  – Florin Asăvoaie
  Aug 21 '14 at 7:07
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Well,to be honest, i haven't looked at CF at all and i don't what learning-curve has..
  
  – Theodoros80
  Aug 21 '14 at 7:10
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Takes 15 minutes to set it up in front of S3, including reading the doc on how to do it. :)
  
  – Florin Asăvoaie
  Aug 21 '14 at 7:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I think this will solve my problem, although will take more than 15 minutes :) bryce.fisher-fleig.org/blog/…
  
  – Theodoros80
  Aug 21 '14 at 7:19
  

  
  
  
  

add a comment | 

3

No, your files are not being downloaded via https, since your link is with http.

What you need to do is to put your S3 bucket behind CloudFront. In CloudFront, you have the ability to upload a custom SSL certificate to use with your CNAME (and it is free for SNI-based SSL).

share|improve this answer

answered Aug 21 '14 at 6:54

Florin AsăvoaieFlorin Asăvoaie

6,3641733

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  So i am loosing the https functionality with my custom url. :( That's no good. Thanks.
  
  – Theodoros80
  Aug 21 '14 at 6:56
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Why not use CloudFront? It is not expensive at all and if you set it to cache the files from S3, the speed is MUCH better for CloudFront.
  
  – Florin Asăvoaie
  Aug 21 '14 at 7:07
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Well,to be honest, i haven't looked at CF at all and i don't what learning-curve has..
  
  – Theodoros80
  Aug 21 '14 at 7:10
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Takes 15 minutes to set it up in front of S3, including reading the doc on how to do it. :)
  
  – Florin Asăvoaie
  Aug 21 '14 at 7:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I think this will solve my problem, although will take more than 15 minutes :) bryce.fisher-fleig.org/blog/…
  
  – Theodoros80
  Aug 21 '14 at 7:19
  

  
  
  
  

add a comment | 

No, your files are not being downloaded via https, since your link is with http.

What you need to do is to put your S3 bucket behind CloudFront. In CloudFront, you have the ability to upload a custom SSL certificate to use with your CNAME (and it is free for SNI-based SSL).

share|improve this answer

answered Aug 21 '14 at 6:54

Florin AsăvoaieFlorin Asăvoaie

6,3641733

share|improve this answer

answered Aug 21 '14 at 6:54

Florin AsăvoaieFlorin Asăvoaie

6,3641733

answered Aug 21 '14 at 6:54

Florin AsăvoaieFlorin Asăvoaie

6,3641733

answered Aug 21 '14 at 6:54

Florin AsăvoaieFlorin Asăvoaie

6,3641733

0

Well a CNAME doesnt change anything. Client is still connecting to the IP, not the name. Though im surprised that CNAME'ing just works, without having to add the new name to the server.

Is the connection HTTPS? Who knows. You may be redirected from HTTP to HTTPS or you may not. Impossible to say really without an actually download link to test with.

You can test with wget on a linux commandline.

wget http://files.mydomain.com/file.zip

and see if you get redirected to https before download.

share|improve this answer

answered Aug 21 '14 at 6:59

thelogixthelogix

37917

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I'll check it.thnks
  
  – Theodoros80
  Aug 21 '14 at 6:59
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Oh yeah.. @FlorinAsavoaie points out the certificate issue too. If you were to download from a browser using your new url and you got redirected to HTTPS, you'd get a certificate warning, since you didnt give amazon a certificate for you hostname.
  
  – thelogix
  Aug 21 '14 at 7:01
  

  
  
  
  

add a comment | 

0

Well a CNAME doesnt change anything. Client is still connecting to the IP, not the name. Though im surprised that CNAME'ing just works, without having to add the new name to the server.

Is the connection HTTPS? Who knows. You may be redirected from HTTP to HTTPS or you may not. Impossible to say really without an actually download link to test with.

You can test with wget on a linux commandline.

wget http://files.mydomain.com/file.zip

and see if you get redirected to https before download.

share|improve this answer

answered Aug 21 '14 at 6:59

thelogixthelogix

37917

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I'll check it.thnks
  
  – Theodoros80
  Aug 21 '14 at 6:59
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Oh yeah.. @FlorinAsavoaie points out the certificate issue too. If you were to download from a browser using your new url and you got redirected to HTTPS, you'd get a certificate warning, since you didnt give amazon a certificate for you hostname.
  
  – thelogix
  Aug 21 '14 at 7:01
  

  
  
  
  

add a comment | 

Well a CNAME doesnt change anything. Client is still connecting to the IP, not the name. Though im surprised that CNAME'ing just works, without having to add the new name to the server.

Is the connection HTTPS? Who knows. You may be redirected from HTTP to HTTPS or you may not. Impossible to say really without an actually download link to test with.

You can test with wget on a linux commandline.

wget http://files.mydomain.com/file.zip

and see if you get redirected to https before download.

share|improve this answer

answered Aug 21 '14 at 6:59

thelogixthelogix

37917

wget http://files.mydomain.com/file.zip

share|improve this answer

answered Aug 21 '14 at 6:59

thelogixthelogix

37917

answered Aug 21 '14 at 6:59

thelogixthelogix

37917

answered Aug 21 '14 at 6:59

thelogixthelogix

37917

-1

try this

wget --no-check-certificate --no-proxy --user=username --ask-password -O "downlod url "

share|improve this answer

answered May 8 at 10:31

DinoDino

1

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  There's a reason if https uses certificates to check the server identity. Skipping the certificate check is bad practice, and must never be done in production environments. If you do this, any man-in-the-middle attack would go undetected (so someone that can see and modify the packets between the client and the server can eavesdrop on the connection and worse even modify it).
  
  – Ale
  May 8 at 12:48
  

  
  
  
  

add a comment | 

-1

try this

wget --no-check-certificate --no-proxy --user=username --ask-password -O "downlod url "

share|improve this answer

answered May 8 at 10:31

DinoDino

1

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  There's a reason if https uses certificates to check the server identity. Skipping the certificate check is bad practice, and must never be done in production environments. If you do this, any man-in-the-middle attack would go undetected (so someone that can see and modify the packets between the client and the server can eavesdrop on the connection and worse even modify it).
  
  – Ale
  May 8 at 12:48
  

  
  
  
  

add a comment | 

try this

wget --no-check-certificate --no-proxy --user=username --ask-password -O "downlod url "

share|improve this answer

answered May 8 at 10:31

DinoDino

1

share|improve this answer

answered May 8 at 10:31

DinoDino

1

answered May 8 at 10:31

DinoDino

1

answered May 8 at 10:31

DinoDino

1