By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

how to add mutiple domain name to existing AWS certificate

0

Hi Team,

I requested for AWS certificate where i had mentioned one domain name which is a DNS name for my back end application. Now I want to add another URL to this certificate which is ELB hosted URL so that I can make back end https call using AWS ELB URl. Is it possible to edit the existing certificate?

Note: when I used AWS URL for https connection I am getting err_cert_common_name_invalid.

Topics
ServerlessFront-End Web & MobileApplication IntegrationNetworking & Content DeliveryManagement & GovernanceComputeContainers
Tags
AWS AppSyncAWS App MeshAWS AppConfigAWS Account ManagementAWS App Runner
Language
English
AWS-User-1435599
asked 3 years ago2.2K views
2 Answers
0

Hello,

I think it need to be done when you request a certificate , please see the below from Point no 2 (When you request a wild-card certificate...) https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html

I am not too sure if you can update an existing one with a wild-card domain name

Request a public certificate using the console

To request an ACM public certificate (console)

1. Sign in to the AWS Management Console and open the ACM console at https://console.aws.amazon.com/acm/home.
Choose Request a certificate.
In the Domain names section, type your domain name.

2. You can use a fully qualified domain name (FQDN), such as www.example.com, or a bare or apex domain name such as example.com. You can also use an asterisk (*) as a wild card in the leftmost position to protect several site names in the same domain. For example, *.example.com protects corp.example.com, and images.example.com. The wild-card name will appear in the Subject field and in the Subject Alternative Name extension of the ACM certificate.

When you request a wild-card certificate, the asterisk (*) must be in the leftmost position of the domain name and can protect only one subdomain level. For example, *.example.com can protect login.example.com, and test.example.com, but it cannot protect test.login.example.com. Also note that *.example.com protects only the subdomains of example.com, it does not protect the bare or apex domain (example.com). To protect both, see the next
profile picture
Sri
answered 3 years ago
0

SSL certificates are digitally signed so modifications to existing issued certificates are not possible. You can, however, create a new certificate request for the primary domain name and choose Add another name to this certificate to add additional names.

You can also request a new certificate for an additional domain and attach that new cert to your load balancer along side the existing certificate. Add certificates to the certificate list

Note: You cannot request certificates for Amazon-owned domain names such as my-load-balancer-1234567890abcdef.elb.us-east-2.amazonaws.com, you would need to request a certificate for a CNAME or alias record that points to your load balancer, Routing traffic to an ELB load balancer

AWS
Edward_S
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content