My check list:
- Check if there is no additional characters or is missing characters
- Check if there is no repeating bare domain to the end of its DNS records
- Resolve the CNAME record using nslookup or dig and next I will check the below steps
For your case just want to check, when we perform the dig to the CNAME record are we seeing response. If not, then we need to check on which Public hosted our domain is configured (often we create multiple HZ's and end-up adding in wrong HZ)
It's worth noting that the verification will timeout after 72 hours, so it will be possible you'll have to set this certificate up again.
In the mean time, check that your verification has been copied and pasted into Route53 correctly. A common mistake is to copy the full verification record, including the target domain, which then causes a double domain reference. e.g. _a79865eb4cd1a6ab990a45779b4e0b96.example.com.example.com.
Check that you have not done this by accident.
Ensure that you have not stripped the _ from the start of the verification record too.
AWS Certificate Manager Domain Validation Issueasked 4 months ago
ACM was unable to renew the certificate automatically using DNS validation. Next step verification.Accepted Answerasked 2 months ago
Certificate Requests Stuck In Pending Validationasked 3 years ago
AWS Certificate Manager-validationasked 22 days ago
Domain Certificate Validationasked 8 days ago
ACM certificate DNS validation does not validate my certificateasked a month ago
ACM certificate validation status is still pending and CNAME record isn’t added to the correct DNS configurationAccepted Answerasked 23 days ago
Certificate Validation LighSailasked 4 months ago
[obsolete] CNAME records already present, but ACM still marks the certificate as "Pending validation"asked 8 months ago
ACM was unable to renew the certificate automatically using DNS validationasked 3 years ago