问题
This Google Storage documentation page states that You can use a CNAME redirect only with HTTP, not with HTTPS. But I cannot see any reason for that. Can anyone explain me why?
回答1:
Assume you have a CNAME record:
travel-maps.example.com CNAME c.commondatastorage.googleapis.com.
Browser resolves name travel-maps.example.com and gets IP for c.commondatastorage.googleapis.com, then connects to port 443 of this address.
Server with this IP couldn't possibly have proper certificate for travel-maps.example.com (and all other domain names with CNAME records like this). Only example.com domain owner could get a trusted cert for his own domain.
回答2:
It is possible!
There could be many domains attached to one SSL certificate.
ASSUME travel-maps.example.com CNAME c.commondatastorage.googleapis.com.
When both domains are in the SSL cert list, your CNAME can redirect with HTTPS.
This is how CDN service provider such as Incapsula with works with HTTPS. They just create a "Multi-domain" SSL cert for you.
You may check a demo cert-info in this site. https://www.incapsula.com/
Any way, this kind of SSL cert is for business use in most case and are generally pretty expensive.
来源:https://stackoverflow.com/questions/9294215/why-isn-t-it-possible-to-use-a-cname-redirect-with-https