I am trying to get my head around how one would configure CloudFront to serve up dynamic content from an EC2-backed origin, while using a custom SSL certificate.
But my, I suppose, bigger question is how CloudFront and DNS actually work. Obviously the EC2 origin has its own publicly routable IP and DNS (whether it be automatically or manually assigned). But how does the distribution work? As far as I understand, the distribution is an abstraction, or logical unit of settings that are pushed out to the edge datacenters, which there are a bunch of, and each one needing its own publicly routable IP and DNS addresses.
The DNS that Amazon generates for the distributions is something like cloudfront.net. But how can this be served up to all of the edge locations? I.e., one DNS can't resolve to multiple different IP addresses, can it? I know you can have many DNS's point to the same IP. Also, if my above premise is correct, how do all these different edge datacenters have the same IP address?
Ugghh, I am wondering all this so I know how to point some of our DNS records (that are not hosted by Route53) at a distribution and, to boot, use SSL. I know there is documentation on this, but I have not been able to get it to work and I would like to know, logically, how all this stuff ties together.
Thanks for any insight that you can offer.