Whether you're taking your first steps with Kubernetes or you're an experienced practitioner looking to sharpen your skills, our Amazon EKS workshop series delivers practical, real-world experience that moves you forward. Learn directly from AWS solutions architects and EKS specialists through hands-on sessions designed to build your confidence with Kubernetes. Register now and start building with Amazon EKS!
ACM does not generate CNAME for validation
Hi,
I'm trying to request a new certificate, for wildcard domain *.example.com but immediately after requesting submission certificate is marked as Failed, and for the DNS validation option CNAME name and value are just empty (pressing copy button return undefined into the buffer)
Is it a defect or I'm doing something wrong?
- Newest
- Most votes
- Most comments
OK, it seems like I found the reason. When I try to generate a certificate for the .com domain - it can be generated with no issue, but in my case, I try to generate a certificate for the *.by domain. I assume it's failed because some sort of sanctions took into consideration here, there only problem is that it does not properly communicated back thru the interface.
You are getting this error because you are using example.com as the domain name. According to the documentation https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html#failed-additional-verification-required
ACM requires additional information to process this certificate request. This happens as a fraud-protection measure if your domain ranks within the Alexa top 1000 websites. To provide the required information, use the Support Center to contact AWS Support. If you don't have a support plan, post a new thread in the ACM Discussion Forum.
So if you do in fact own example.com then you would need to contact AWS Support. Otherwise use a domain you own *.domainiown.com. You can then either buy the domain on AWS or through a third party and configure the DNS NS record to point to a route53 record and complete the CNAME verification.
Relevant content
- asked 2 years ago
- asked 3 years ago
- AWS OFFICIALUpdated a year ago
I'm using my real domain name, *.example.com just an example