Creating a custom domain name for a stage in API Gateway and attaching the cert

Hi @owenwynn,

As states in the doc you can use private certificates on API Gateway: "With ACM Private CA you can choose to delegate certificate management to ACM for certificates used with ACM-integrated services, such as Elastic Load Balancing and API Gateway." Although you will need to have an existent CA in place, because you can only create subordinate private CAs. And later you will need to add the certificate from the authority in the API client (browser, postman, etc) in order to call it without receiving invalid certificate messages.

Another option is to create public certificates from ACM (it is free). This way their app client won't show any error message that the certificate is invalid. Only issue with using public certificate is the validation, which can be done by adding a DNS entry generated by ACM or by email (you need to have access to some specific email boxes like postmaster).

Unless it is very hard for them to validate the public certificate I would recommend to use it instead of private ones. They can create wildcard certificates, and use the same certificate for all prototypes they need to perform.