By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Certificate not getting issued

0

Hi, I want to issue a certificate for my domain something.com. I registered a domain on Route 53, created a hosted zone. Following Riku_Kobayashi's advice I added a new certificate resource to my cloudformation template:

"MonSiteVitrineCertificate": {
      "Type" : "AWS::CertificateManager::Certificate",
      "Properties" : {
        "DomainName" : "xxxxxx.com",
        "DomainValidationOptions" : [
          {
            "DomainName": "xxxxxxx.com",
            "HostedZoneId": "XXXXXXXXXXXX"
          }],
        "ValidationMethod" : "DNS"
      }
    },

The certificate was issued on first attempts but my geographic areas were misconfigured so I deleted them and started all over again and now the certificates won't get issued, they get stuck in PENDING_VALIDATION and the stack won't deploy. Please help!

Topics
ComputeManagement & GovernanceNetworking & Content DeliverySecurity, Identity, & Compliance
Tags
Website ProvisioningAWS CloudFormationAmazon CloudFrontAmazon Route 53AWS Certificate Manager
Language
English
Stevo
asked 3 months ago300 views
1 Answer
1
Accepted Answer

Hi,

With the AWS::CertificateManager::Certificate Cloudformation resource, the domain validation should be automatic if certificate domain is hosted in Amazon Route 53, the domain resides in your AWS account, and you are using DNS validation. - it looks like your use-case meets all three requirements.

You mentioned your initial attempt was successful - which means the CNAME record was added into your Route53 hosted zone. Are you using the same R53 zone or a different one? You can perform a DNS query for the CNAME to validate record was added into the zone and is propagated. You may just need to wait some time.

Also, have you seen this repost article? - Why is the CNAME record not resolving for my ACM issued certificate and the DNS validation status is still pending validation?

AWS
Akin
answered 3 months ago
  • Stevo
    2 months ago

    The resources are in eu-west-3. I'm requesting the certificate via my cloudformation template and region can not be specified in declaration (the option does not exist). First succeeded attempt: all resources were in N. Virginia. I'm sure it must be possible to request a certificate in N. Virginia if the stacks are in another zone, right?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content