ACM was unable to renew the certificate automatically

0

I have a issued certificate. I recently received email from Amazon that contained 'AWS Certificate Manager (ACM) was unable to renew the certificate automatically using DNS validation. You must take action to ensure that the renewal can be completed. If the certificate is not renewed and the current certificate expires, your website or application may become unreachable.' Verified that all correct CNAME records are present in the DNS configuration for each of the two domains on the cert. But certificate renewal status is pending. It couldn't renew. I can't find any information on how to. How am i solve this problem?

Ennur
質問済み 10ヶ月前313ビュー
2回答
0

Details are here https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html

In short, to prove you own the domain that the certifcate is being issued for, ACM will request that you create a CNAME record name that's a random string like _a79865eb4cd1a6ab990a45779b4e0b96.[your_domain].com. with a record value of _424c7224e9b0146f9a8808af955727d0.acm-validations.aws.

If Route 53 is your registrar then this can all be done automatically (you might need to click a few times in the AWS Console when it's first setup). If you're using a third-party registrar then the new DNS records need to be added on that side. AWS can't do that, you need to do that yourself, or ask you registrar to do it.

You can verify the records are there by using tools like nslookup or dig on the command line, and also https://toolbox.googleapps.com/apps/dig/

Common problems and troubleshooting steps are here https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-DNS-validation.html

profile picture
エキスパート
Steve_M
回答済み 10ヶ月前
0

1st you may check nslookup if the DNS entries are proper. If you have included the ACM DNS record value with 1st underscore _. Can you mention where you have purchased your domain. Some domain providers has Proxy enabled, Once you validate the DNS record properly, it should get validated in ACM and able for auto-renewal.

If you uploaded the SSL manually, it wont auto-renew.

If you still face the issue, check once with you domain provider support/ AWS Support.

回答済み 10ヶ月前
profile picture
エキスパート
レビュー済み 10ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ