I can't validate the Lightsail cdn SSL certificate and I don't know why?

0

I cannot validate the Lightsail cdn SSL certificate.

I used this tutorial as base to set the certificates:

https://lightsail.aws.amazon.com/ls/docs/en_us/articles/verify-tls-ssl-certificate-using-dns-cname-https

I followed this procedure. 01- I entered the CDN area, chose the plan and added the origins.

02 - After that I went to Custom Domains. I created the certificates by generating the keys to be added to the CNAMES. Print screen link as procedure reference

https://d17lbu6bbzbdc8.cloudfront.net/wp-content/uploads/2022/05/22200628/01.png

I'm using lighsail's own DNS zone manager.

04 - I go to the lighsail DNS zone and add the CNAMES with name and value.

Print screen link as procedure reference

https://d17lbu6bbzbdc8.cloudfront.net/wp-content/uploads/2022/05/22200822/02-cnames.png

05 - I wait for the validation, which after passing the 72 hours does not activate.

I tried this validation with SSL enabled on the Lightsail CDN and without SSL enabled, but none worked.

I followed the light sai tutorials and couldn't figure out what I'm doing wrong. If anyone has any ideas.

I'm already thanking you for your help.

asked 2 years ago943 views
2 Answers
0
Accepted Answer

The only error I see is that for the CNAME entry starting with _4901, you are missing the www in the FQDN. Do a DNS lookup on this CNAME and you would find that it returns a response for FQDN starting with _4901 but without www and no response for the same FQDN with www included

In other words, for the screenshot in 01.png one CNAME returns a response and the other does not. Maybe fixing this would ensure SSL validation

--Syd

profile picture
Syd
answered 2 years ago
  • Thanks, I figured out what's wrong and basically when I was trying to register the domain I forget to copy the www. I was try linke that: _4901abe5de0d8cf29f6b54b83196fdf0. but to register the dns I should pass like that: _4901abe5de0d8cf29f6b54b83196fdf0.www.

    that was my mistake.

    Thank you for your help.

0

I figured out what's wrong and basically when I was trying to register the domain I forget to copy the www. I was trying like this: _4901abe5de0d8cf29f6b54b83196fdf0.

I was trying to register a www domain without the www

but to register the dns I should pass like that: _4901abe5de0d8cf29f6b54b83196fdf0.www.

On the CNAME to register as WWW.

that was my mistake.

Thank you for your help.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions