- Newest
- Most votes
- Most comments
Steps to Troubleshoot and Resolve the Issue:
Check DNS Propagation:
Since you're using a DNS checker tool, verify that the CNAME record for _acme-challenge.terteel.com is correctly propagated globally, especially in the Turkey region. If there's a red cross, it indicates that the CNAME record hasn't propagated correctly to all DNS servers in that region.
Ensure Correct CNAME Record:
Double-check the CNAME record you added in your DNS provider. Ensure that the value matches exactly what ACM provided, including any trailing dots and avoiding any accidental spaces.
TTL Settings:
Review the Time-To-Live (TTL) settings for your DNS records. If the TTL is set too high, it might delay the propagation. Lowering the TTL (e.g., to 300 seconds) temporarily during this process might help speed up propagation.
Manual DNS Check:
Manually query the DNS record using tools like dig or nslookup to check from different geographical regions. This can help pinpoint if the issue is specific to Turkey or just a temporary DNS propagation delay.
Example using dig:
dig _acme-challenge.terteel.com CNAME +short
Compare the output with the expected ACM-provided CNAME target.
DNS Propagation Delays:
Sometimes, DNS propagation can take longer in specific regions due to various reasons like ISP caching or regional DNS server issues. If time permits, waiting a few more hours might resolve the issue.
Alternative Validation Methods:
If the DNS validation is taking too long or failing, you could consider switching to email validation or HTTP validation if your domain setup allows it.
ACM Support Contact:
Given that your SSL certificate is about to expire today, if the issue persists and you cannot resolve it, consider reaching out to AWS Support for urgent assistance. They might be able to provide insights or expedite the validation process.
Temporary SSL Certificate:
If the SSL certificate expires and the validation is still pending, consider using a temporary SSL certificate (e.g., from Let's Encrypt) to avoid downtime, while you continue resolving the ACM validation issue.
Hi buddy: I have tried from my home wifi too, and still only that Turkey region is giving the issue. I have just recorded my screen to share with you all the steps that I am following, please take a look at it and guide me if I am doing anything wrong? https://we.tl/t-90W33c83C5
Relevant content
- asked 2 years ago
- asked 2 years ago
- asked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago
Dear Thanniru: Thanks for your prompt response, my TTL settings were already 300 seconds, but this Turkey kept showing not validated for nearly 1 day now, also today when I logged into my ACM console, it doesn't show my certificate, so do you think ACM has now deleted my certificate?
Yes, ACM likely deleted your certificate due to the failed DNS validation within the required timeframe. You'll need to request a new certificate in ACM, ensure the CNAME records are correct, and monitor DNS propagation closely.
hi buddy: I just created a new certificate in ACM and even for this one, Turkey region is not being resolved :(
https://whatsmydns.me/#CNAME/*.acme-challenge.terteel.com
Is it due to my office Wifi or some issue with my wifi settings? And any idea how can I fix this issue?
may be Office Wi-Fi setting can you please try once Personal laptop buddy
Hi buddy: I have tried from my home wifi too, and still only that Turkey region is giving the issue. I have just recorded my screen to share with you all the steps that I am following, please take a look at it and guide me if I am doing anything wrong? https://we.tl/t-90W33c83C5