SSL/TLS Manual Renewal

0

I recently received this email regarding manually renewing my TLS/SSL cert -

AWS Certificate Manager (ACM) was unable to renew the certificate automatically using DNS validation. You must take action to ensure that the renewal can be completed before Sep 17, 2022 at 23:59:59 UTC. If the certificate is not renewed and the current certificate expires, your website or application may become unreachable.

To renew this certificate, you must ensure that the proper CNAME records are present in your DNS configuration for each domain listed below. You can find the CNAME records for your domains by expanding your certificate and its domain entries in the ACM console. You can also use the DescribeCertificate command in the ACM API[1] or the describe-certificate operation in the ACM CLI[2] to find a certificate’s CNAME records. For more information, see Automatic Domain Validation Failure in the ACM troubleshooting guide[3].

I have gone and verified that the CNAME records match those on my DNS config for the domain that needs to be updated. Is there any further action that needs to take place? For context: my DNS and certificate were both issued and configured through AWS.

1 回答
0

If you have verified that the CNAME is present, check if the CNAME actually resolves / propagated as well. To check for DNS propagation you can use https://www.whatsmydns.net/ To check for DNS resolution you can use command "nslookup <CNAME record>. If this works, the renewal should get through.

profile pictureAWS
GG
已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则