How do I issue an ACM certificate for a domain in a private hosted zone?

1 minute read
0

I want to issue an AWS Certificate Manager (ACM) certificate for a domain name in an Amazon Route 53 private host zone.

Resolution

You can't request a public certificate for domain names in a private host zone. To issue a public ACM certificate, you must register your domain name and use a public hosted zone.

ACM issues a public certificate only after it validates domain ownership. You can't issue an ACM public certificate for a domain name in a private hosted zone because you can't prove the public domain ownership.

For domain names in a private hosted zone, use AWS Private Certificate Authority to request a private certificate. When you request a private certificate from AWS Private CA, you don't need to validate domain ownership.

Related information

What is the best certificate service for my needs?

AWS OFFICIAL
AWS OFFICIALUpdated 3 months ago