- Newest
- Most votes
- Most comments
In order to use ACM certificates on CloudFront, you should follow below steps.
- First create a hosted zone in Route53 with your apex domain i.e.
example.com
. - Once created, copy the 4 NS records of the new hosted zone to your GoDaddy domain. This causes your domain to use Route53 name-servers going forward.
- Select you newly created hosted zone, create an A record with Alias enabled, and select your CloudFront distribution from the dropdown.
- To create an ACM certificate, select us-east-1 (north virginia) region, as CloudFront certificates needs to be created only in this region.
- Use DNS Validation when provisioning the certificate using ACM, it takes some time to validate the domain. But if your domain is configured correctly, it will pass the validation in roughly 5 minutes.
This is possible in Route53 because of a Route-53 specific extension to DNS functionality called Alias records.
Unlike a CNAME, you can create an ALIAS record for the zone apex, which will deliver the functionality you're looking for.
Is there a specific reason why you would not consider hosting the domain with Route53? If you do not want to move it, the best alternative is probably to set up a redirection from the apex to www, but this would need to be hosted somewhere where you can get a static IP address for it, unless Godaddy offer this as a service.
It is not possible to move it. Also redirection in godaddy is failing for https. We considering use AWS Global Accelerator so we can retrieve a static Ip and assign it to the apex domain in godaddy
Relevant content
- asked a year ago
- Accepted Answerasked 2 years ago
- asked 10 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 2 years ago
You're now using Route53 for DNS. If you previously had any other records in your zone file (eg. MX, other A records, etc) you'll need to re-create those in Route53
We had some issues with godaddy and it seems like the above never worked. We were forwarding the apex domain to the cloudfront. Now that we managed to disable it. With the above configs the apex domain is parked for http . Shall we delete the A pointing to park into godaddy? But even then it not seems that godaddy is going to use route53 because it should use it right after we deleted the forwarding. Another thing is that there are many other partis using the godaddy domain to host other functionalities. So we cannot move the nameservers to route 53 at all I guess