AWS App Runner Generating CNAME Host with greater than 60 characters

0

I have my app configured on AWS App Runner, and it works as expected. However, when I assign/link a custom domain to it, one of the certificate validation CNAMEs generated by ACM exceeds 60 characters. My domain is hosted on Namecheap, which does not allow CNAME hosts longer than 60 characters. I found that other DNS providers have similar restrictions.

Since my domain is a ".ai" domain, it is not supported by AWS Route 53 and thus cannot be transferred there. I have to add this CNAME host to a 3P DNS provider.

How can I resolve this issue? Can AWS be forced to generate a CNAME host < 60 chars?

This is a significant blocker for me.

1 Answer
0

I'm not quite sure what is longer than 60 characters, the name of the record or its value. But I'm sure you can create a hosted zone for an .ai domain in Route 53 and point the domain to the Route 53 name servers from the registrar, such as NameCheap.

If it's the name of the CNAME record that is exceeding the limit, could you work around the issue by having ACM issue a wildcard certificate for your domain name, rather than for an individual hostname?

EXPERT
Leo K
answered 3 months ago
  • It's the CNAME host that is greater than 60 characters, and Namecheap is erroring out because the host name is not < 60 characters.

    How can I force ACM to issue a wildcard certificate?

    This is my CNAME host generated by ACM under App Runner custom domain settings

    CNAME Host: _60cd9127adc10b03c23c3f2347d794f1.2a57j78mm1lfilfwjnwxmbay4ucmhzo.api.stage

  • The CNAME host generated under App Runner > Custom Domain does not show up in ACM. CNAME generation seems to be very centric to App Runner only.

  • Just request a certificate for *.yourdomainname.ai from ACM. Also, I think you can create that name in NameCheap by creating each level separated by a "." as a subdomain. The record name will be just "_60cd9127adc10b03c23c3f2347d794f1".

  • Note that if you create a wildcard certificate, you'll need it for the deepest level of the subdomain structure, so *.2a57j78mm1lfilfwjnwxmbay4ucmhzo.api.stage.mydomainname.ai in this case. Wildcards don't extend to deeper levels.

  • Thanks Leo! Can you elaborate on this a little further?

    "each level separated by a "." as a subdomain"

    Does that mean I create the following CNAME records?

    Name/Host: _60cd9127adc10b03c23c3f2347d794f1 Value: <The actual CNAME value provided by AWS>

    then add another entry as

    Name/Host: 2a57j78mm1lfilfwjnwxmbay4ucmhzo.api.stage Value: <The actual CNAME value provided by AWS>

    I am a bit confused here.
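
An added example, not part of the original thread and not AWS or Namecheap code: a small check that separates the DNS protocol limits (63 characters per label, 253 per name) from the 60-character host field limit reported in the question, and shows the single-label scope of a wildcard certificate name mentioned in the comments. The function names are hypothetical, `mydomainname.ai` is the placeholder apex used in the thread, and `api.stage.mydomainname.ai` is assumed to be the service hostname.

```python
# Added example: function and constant names are illustrative only.
MAX_LABEL = 63            # DNS limit per label (RFC 1035)
MAX_NAME = 253            # DNS limit for a full name in text form
PROVIDER_HOST_LIMIT = 60  # host field limit reported in the question

# Record host quoted in the thread, relative to the zone apex.
SAMPLE_HOST = "_60cd9127adc10b03c23c3f2347d794f1.2a57j78mm1lfilfwjnwxmbay4ucmhzo.api.stage"
APEX = "mydomainname.ai"  # placeholder apex used in the thread


def check_record_host(host, apex, provider_limit=PROVIDER_HOST_LIMIT):
    """Report whether a relative record host is valid DNS and fits the provider field."""
    host = host.rstrip(".")
    fqdn = f"{host}.{apex}".lower()
    return {
        "host_len": len(host),
        "longest_label": max(len(label) for label in host.split(".")),
        # Valid on the wire: every label 1..63 chars, whole name at most 253.
        "valid_dns": all(0 < len(label) <= MAX_LABEL for label in fqdn.split("."))
        and len(fqdn) <= MAX_NAME,
        # Separate question: does it fit the DNS provider's input field?
        "fits_provider": len(host) <= provider_limit,
    }


def wildcard_covers(pattern, hostname):
    """True if a certificate name such as *.example.com covers hostname.

    The wildcard stands for exactly one leftmost label, never several.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if p[0] != "*":
        return p == h
    return len(p) == len(h) and h[0] != "" and p[1:] == h[1:]


if __name__ == "__main__":
    print(check_record_host(SAMPLE_HOST, APEX))
    for name in ("api.mydomainname.ai", "api.stage.mydomainname.ai"):
        print(name, wildcard_covers("*.mydomainname.ai", name))
```

For the host quoted in the thread, the record is valid DNS (no label exceeds 63 characters) but does not fit a 60-character host field, and `*.mydomainname.ai` does not cover a two-level name such as `api.stage.mydomainname.ai`.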
