Lightsail - Containers - Certificate Validation Trouble


I am struggling with certificate validation. I am using Lightsail's container offering, and having trouble with adding a certificate. I've gone through the following documents:

We're using CloudFlare, I'm not sure if we have to do something in Route 53 for this, if we do it's not called out well.

Here's what I've done:

  1. Added a DNS zone, we'll call it

  2. Created certificate for, copied out the CNAME name and value (fake examples below):

  3. Went back to DNS zone, tried adding the CNAME record in several ways:

Subdomain: _99f615c816f97e9a75b03f8dd33d4ef6.www
Maps to:

Maps to:

Subdomain: _99f615c816f97e9a75b03f8dd33d4ef6
Maps to:

Subdomain: www
Maps to:

  1. Waited...

The cert never validates.

Edited by: Tigardis on Jul 20, 2021 12:51 PM

asked a year ago14 views
1 Answer

For anyone else out there using Lightsail containers with CloudFlare - this is what worked for me...

  1. Create the certificate request (example only)
Record type: CNAME

  1. Add the following records to your DNS zone

Subdomain Maps to

Subdomain Maps to

  1. Add the following record to CloudFlare

Name Target Proxy Status
foo DNS Only (grey cloud)

  1. Navigate to, expect an error at this point because you haven't attached a cert

  2. Check the status of your certificate, it should validate at this point - if it does not, try adding the following record to CloudFlare

Subdomain Maps to Proxy Status DNS Only (grey cloud)
6. Attach the certificate

  1. Navigate to once more, and HTTPS should work with your custom domain
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions