Cannot update "Pending Validation"Status to Issue


I have private hosted zone in Route 53. When I go to certificate manager and click "Create record in Route 53 button" I dont see the certificate and "Create Record" button is disable. AWS Certificate Manager > Certificates > Create DNS records in Amazon Route 53 I see the certificate after I remove the filter Is domain in Route 53?: Yes

I can see my domain in Route 53. How can I resolve the issue?

1 Answer

The requirement to create a certificate by ACM - you need to create public hosted zone, not private hosted zone. By your question, it appears you are trying to create "Request a public certificate." When someone request an ACM public certificate using DNS validation, ACM provides a CNAME record for each FQDN, and another name (if you have one) that you must add to your DNS configuration to validate your ownership of the domain. Please note, because anyone can create a private DNS zone and put records on it under any domain name, being able to make a change in a private DNS zone doesn't prove public ownership of the domain.

Requesting a private certificate requires the creation of a private certificate authority (CA). To create a private CA, visit AWS Private Certificate Authority

You can request two types of certificate from ACM:

  • Request a public certificate, and
  • Request a private certificate

Please visit the following links:

answered 5 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions