how should we set up DNS records (or/and add domain to “Route 53”) for SSL


Currently, we have registered domains outside of AWS account but need to host it on AWS with SSL (issued on the same AWS account). The question is how we should set up DNS records (or/and add domain to “Route 53”) for SSL so it works for our domain.

asked 6 months ago247 views
1 Answer


Do you use ACM to issue SSL certificates?
In that case, there is no need to move the hosted zone to Route53.
After issuing an SSL certificate with ACM, you can use the SSL certificate by adding a CNAME record for authentication to the external hosted zone.

If you want to manage your domain with Route53, after creating a hosted zone with Route 53, please rewrite the NS record of the external domain registrar to the NS record listed in the Route53 hosted zone.
This will delegate your domain to Route53, so you can register and manage your ACM validation CNAME record with Route53.

profile picture
answered 6 months ago
profile picture
reviewed 6 months ago
  • “Do you use ACM to issue SSL certificates?” Yes, we use ACM and SSL is verified via Email

    Currently, we do not have any domains under “Route 53”.

    We do have a single bucket for our domain and 2 more questions:

    1. In other to www work, should I duplicate my current bucket for ?
    2. Our domain is registered under tucows and we need to add DNS records to host our web site on AWS. I cant find any bucket setting for new NS records I have to add under tucows

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions