- Newest
- Most votes
- Most comments
You didn't mention your domain but wild guess is this might be because Cloudflare has CAA records setup for your domain that prevent AWS from issuing the cert.
From https://coady.tech/amplify-cloudflare-caa-error/
CAA records, also knows as Certification Authority Authorization records, are used to restrict which Certificate Authorities are allowed to issue certificates for your domain. In this instance it seems CloudFlare’s Universal SSL automatically created CAA records for the providers they use, including Let’s Encrypt, DigiCert, and others. When AWS Amplify attempts to issue you with a certificate their system will check your domain’s CAA records. If AWS isn’t listed then it will return an error.
You can verify this with your favorite DNS tool or using online services like https://toolbox.googleapps.com/apps/dig/#CAA/
Relevant content
- asked a year ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
Thanks for the suggestion. There weren't any CAA records on my domain. I tried to explicitly create the necessary CAA records, as per the article on coady.tech, but that did not help. If it helps, the domain is lllamnyp.su.