Can someone help me with a certificate renewal?

Question

I need some help with a certificate renewal, please help me with this.

Since 3 years we have one domain hosted on Amazon, and also the DNS settings are hosted in the Route 53. But now the certificate is expired and not renewed. Strange but ok.

I requested a new SSL certificate, but it's stuck on pending validation. I tried several times/days with a new request. Deleted the cname record on Route 53 and used the import cname option on the certificate page for correct settings. Everything looks fine, but still it's stuck on pending validation.

On the Route53 page I have also tried the option to test the DNS response, i get no errors and a response, see below. So what can I do to get the certificate working again?
Response returned by Route 53

Response from Route 53 based on the following options.
Hosted zone
nameshift.com
Record name
_8a000895a356007b8d4ec5c98a70b634
Record type
CNAME
DNS response code
No Error
Protocol
UDP
Response returned by Route 53
_f5e91e93d6d77f1f4db1a604b31d11a9.kirrbxfjtw.acm-validations.aws.

Answer

Hi.

First, was the ACM certificate you had validated by email or DNS?  
There are different ways to deal with email and DNS.  
In the case of DNS, all you have to do is check if the record is correct, but in the case of email validation, a manual update action is required.  
See the troubleshooting page below.

https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-renewal.html

Second, if the managed certificate auto-renewal enforcement fails, you should have received an email indicating the error.  
Can you confirm its contents?

If the troubleshooting page above does not resolve your issue, I recommend contacting AWS Support.

Can someone help me with a certificate renewal?

Relevant content