If you see your own server domain in the URL for the asset, it means that CloudFront received a redirect response when it went to fetch the asset and is serving that redirect as the cached result. This is definitely not what you want.
I had a similar problem that I solved after seeing one of the answers on this post:
Magento - Amazon Cloudfront CDN and Caching
I was redirecting from domain.com to www.domain.com and CloudFront was caching and returning that redirect. You would probably see the same thing with an http/https redirect.
If you're doing an HTTP -> HTTPS redirect, you have two options: You can either serve the assets to CloudFront as HTTP or make CloudFront request them as HTTPS. To do the latter, you would need to configure your CloudFront origin to "Match Viewer." That means that if the viewer is using HTTPS, CloudFront will also. If the user is using HTTP, CloudFront would request in HTTP, return the HTTPS redirect it received from your server, and the client would then re-issue the request as HTTPS.
In our case, the assets themselves do not need to be protected in-flight. It is only important that they are served from CloudFront as HTTPS so the user's browser is seeing all HTTPS content. So, in our case, it is not necessary to serve the assets to CloudFront as HTTPS. Regardless of how it fetches the content from our server, CloudFront will match the viewer's protocol when it responds.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
