Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

DNS Validation problem

0

Since 2019-06-26 my certificates are taking days to approuve. The worst is that it's not constant.

Let me explain a little more.
I have 2 cases, certificates where the domains are in Route53 or directly in the domain host. On both cases the validation is made by DNS.
The dns are configured and can be tested via applications like: https://mxtoolbox.com/CNAMELookup.aspx

On both cases the certificate end up approved, but I have cases that it took more than 4 days and I had to recreate the certificate others are still waiting and nothing happens.

If someone from aws read this here are two exemples:
Domain 1: primeenergie.online -> arn:aws:acm:us-east-1:545370662045:certificate/d320b89b-64f6-4587-b55c-831c0576cb8c

Domain 2: dessinemoiunerose.com -> arn:aws:acm:us-east-1:545370662045:certificate/1035c81d-4bb0-4a96-bc09-6d4ec1ab8745

I can see this is recurring problem on aws. I just wish they show the DNS verification for certificates are intermittent via https://status.aws.amazon.com/ so I can explain my clients that the certificate approval is taking more time to get approved.

I don't know what to do now, can someone help?

thank you very much :-)

Edited by: victorayub on Jul 30, 2019 10:59 AM

Topics
Security, Identity, & Compliance
Tags
AWS Certificate Manager
Language
English
asked 6 years ago361 views
1 Answer
0

Found the problem.

It ended to be a matter of account limits. There'a a limit for the quantity of certificates for region. Which is nice.

But when you have more than 300 certificates things get very complicated. The ACM dashboard is not capable to load all the certificates not even give the quantity of certificates issued. It's hard to keep track when you have nothing to mesure the quantity of certificates.

Another annoying thing, there's no message telling me I'm at the account limit, it just start working in a weird way, approving some certificates and forgetting others, there's no message, no nothing. It's hard to solve a problem like this.

Anyway, the problem is solved and if anyone have the same experience try to raise your ACM limit in your account.

Have a nice day.

answered 6 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content