SSL Name Mismatch with API Gateway Custom Domain


I have a Regional API Gateway (WebSocket flavor) with a custom domain name and am seeing intermittent SSL domain name mismatch errors. When checking with a tool like it shows that sometimes a cert for * is being returned instead of the custom domain name. I have verified the following:

  • Certificate is in the us-west-2 region
  • API Gateway is in the us-west-2 region
  • Route 53 domain name points to the URL of the custom domain name and not the API
    • Note that the custom domain name URL shows d-{id} and not a URL

Any other thoughts as to why this might be happening?
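
A diagnostic for the intermittent mismatch described in the post, as an added example that is not part of the original question: it handshakes with every address the custom domain resolves to, sends the name as SNI, and tallies which addresses return a certificate that does not cover it. The host `ws.example.com`, the sample observations and all function names are assumptions constructed for illustration.

```python
import socket
import ssl
import sys
from collections import Counter

def san_names(cert):
    """DNS entries from the dict returned by SSLSocket.getpeercert()."""
    return [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]

def name_matches(pattern, host):
    """Case-insensitive match; '*' may only replace the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def fetch_cert(ip, host, port=443, timeout=5.0):
    """Handshake with one address, sending `host` as SNI; return the cert dict."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # chain is still verified; names are compared below
    with socket.create_connection((ip, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()

def sample(host, rounds=5, port=443):
    """Yield (ip, SAN list) for each resolved address, `rounds` times over."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    for _ in range(rounds):
        for ip in sorted({info[4][0] for info in infos}):
            yield ip, san_names(fetch_cert(ip, host, port))

def summarize(observations, host):
    """Tally, per (ip, SAN set), handshakes whose cert did or did not cover host."""
    ok, bad = Counter(), Counter()
    for ip, names in observations:
        covered = any(name_matches(n, host) for n in names)
        (ok if covered else bad)[(ip, tuple(sorted(names)))] += 1
    return ok, bad

# Constructed observations (documentation addresses and example names).
SAMPLE = [("192.0.2.10", ["ws.example.com"]), ("192.0.2.11", ["*.other.example.net"]),
          ("192.0.2.10", ["ws.example.com"]), ("192.0.2.11", ["*.other.example.net"])]

if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else None
    ok, bad = summarize(sample(host) if host else SAMPLE, host or "ws.example.com")
    print("covering:", dict(ok), "\nmismatched:", dict(bad))
```

Run it with the custom domain name as the only argument to sample the live endpoints; with no argument it tallies the constructed sample.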