By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Request for ACM certificate is failed

0

We requested for a certificate via AWS ACM services 5 days back for our domain. Our domain is registered in Godaddy. However, recently (10 days back) we pointed the Godaddy Domain to AWS Route 53 hosted zone (in turn name servers). The below message is been mentioned under Renewal Eligibility. Ineligible

Our domain name is raaka.in

I am not sure what does this Ineligible is meant for us ? Are we missing to add anything here ? Any reason why AWS is not able to consider our request for creating certificate. It is very urgent, any help is greatly appreciated.

Topics
Security, Identity, & Compliance
Tags
AWS Certificate Manager
Language
English
raaka
asked 9 months ago236 views
4 Answers
0
Accepted Answer

Have you created the CNAME records specified by ACM in your route53 domain?

ACM certificates might be ineligible for renewal if:

  • The certificate isn't associated with another AWS service.
  • The certificate is expired.
  • The certificate is imported.
  • it's a private certificate issued with the IssueCertificate API call.
profile picture
EXPERT
Gary Mclean
answered 9 months ago
  • raaka
    9 months ago

    Hi Gary,

    Thanks for your answer. I didn't have CNAME record. Today, I created a CNAME record and requested again for the certificate in ACM. Hope this time it should work. Once again thanks for your response

  • Gary Mclean EXPERT
    9 months ago

    No worries.. Hopefully they normally issue in about 5 mins.. Come back and ask any Qs if they dont

0

Hi Gary,

It is almost 10 hours passed. Still my request status is in "Pending validation". Can you help me what can I do to get a certificate ? Not sure, what is being missed in my request. To give more context, we have registered a domain in Godaddy and now we pointed it to AWS Route 53 hosted zone name servers. We have hosted ALB and pointed it to A record (www.raaka.in) in the hosted zone. Behind this ALB, we have our application which renders web conent. We want to make it https.

raaka
answered 9 months ago
  • Gary Mclean EXPERT
    9 months ago

    Have you tried performing a nslookup of your cname and ensure it resolves

0

Hi Gary,

Yes, I did nslookup and below is the response.

uday@LPBLPF1AWQ9K:~$ nslookup cdn.raaka.in
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
cdn.raaka.in	canonical name = d1q9zll394q3bf.cloudfront.net.
Name:	d1q9zll394q3bf.cloudfront.net
Address: 13.249.219.49
Name:	d1q9zll394q3bf.cloudfront.net
Address: 13.249.219.14
Name:	d1q9zll394q3bf.cloudfront.net
Address: 13.249.219.199
Name:	d1q9zll394q3bf.cloudfront.net
Address: 13.249.219.58
Name:	d1q9zll394q3bf.cloudfront.net
Address: 2600:9000:215c:5a00:1b:ec92:d2c0:21
Name:	d1q9zll394q3bf.cloudfront.net
Address: 2600:9000:215c:c00:1b:ec92:d2c0:21
Name:	d1q9zll394q3bf.cloudfront.net
Address: 2600:9000:215c:2600:1b:ec92:d2c0:21
Name:	d1q9zll394q3bf.cloudfront.net
Address: 2600:9000:215c:b600:1b:ec92:d2c0:21
Name:	d1q9zll394q3bf.cloudfront.net
Address: 2600:9000:215c:b400:1b:ec92:d2c0:21
Name:	d1q9zll394q3bf.cloudfront.net
Address: 2600:9000:215c:a00:1b:ec92:d2c0:21
Name:	d1q9zll394q3bf.cloudfront.net
Address: 2600:9000:215c:ec00:1b:ec92:d2c0:21
Name:	d1q9zll394q3bf.cloudfront.net
Address: 2600:9000:215c:d200:1b:ec92:d2c0:21
raaka
answered 9 months ago
0

Hi Gary,

This issue is resolved. Now we can access www.raaka.in with https.

raaka
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content