Creating a custom domain name for a stage in API Gateway and attaching the cert

0

Hello, I would like to expose one stage of a deployed API Gateway under a constant url. What is the shortest path to prototyping this? It looks to me like a Custom Domain Name is required. This in turn will require a certificate. For prototyping, is it sufficient to create a private certificate manager?

To summarize, they believe the following needs to be completed:

  1. Create a private certificate manager (within ACM)
  2. Create a private certificate
  3. Create a custom domain name
  4. Add a mapping to the custom domain name, exposing the deployed API Gateway

Can a private cert be used with a custom domain within API Gateway and is this the correct approach?

Thanks!

1개 답변
0
수락된 답변

Hi @owenwynn,

As states in the doc you can use private certificates on API Gateway: "With ACM Private CA you can choose to delegate certificate management to ACM for certificates used with ACM-integrated services, such as Elastic Load Balancing and API Gateway." Although you will need to have an existent CA in place, because you can only create subordinate private CAs. And later you will need to add the certificate from the authority in the API client (browser, postman, etc) in order to call it without receiving invalid certificate messages.

Another option is to create public certificates from ACM (it is free). This way their app client won't show any error message that the certificate is invalid. Only issue with using public certificate is the validation, which can be done by adding a DNS entry generated by ACM or by email (you need to have access to some specific email boxes like postmaster).

Unless it is very hard for them to validate the public certificate I would recommend to use it instead of private ones. They can create wildcard certificates, and use the same certificate for all prototypes they need to perform.

AWS
답변함 6년 전
profile picture
전문가
검토됨 5달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠