NET::ERR_CERT_COMMON_NAME_INVALID

Question

I'm using GoDaddy domain and nameserver:

**1.** I requested AWS SSL certificate for my domain account.mydomain.com.

**2.** Then I added type:CNAME,  name:_xxxxxxxxxxxxxxxxx,  value:_xxxxxxxx.xxxxx.acm-validations.aws. to my DNS record in GoDaddy and successfully issued my SSL certificate.

**3.** Then I opened my UserPool>Domain name>Your own domain> entered domain as account.mydomain.com & selected my issued SSL certificate as AWS managed certificate.

**4.** Then I added type:CNAME, name:account, value:mydomain.com to my DNS record in GoDaddy.

**5.** Also type:CNAME, name:www, value:xxxxxxxx.cloudfront.net.(Alias target) in DNS record in GoDaddy.

Now when I lunched my hostedUI it is showing an error:

"Your connection is not private
Attackers might be trying to steal your information from account.mydomain.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID"

Accepted Answer

Please check if you have down below two steps

1. You must change the AWS region to US East (N. Virginia) in the ACM console before you request or import a certificate
2. To set up a custom domain name or to update its certificate, you must have permission to update Amazon CloudFront distributions. You can do so by attaching the following IAM policy statement to an IAM user, group, or role in your AWS account:
3. 
```
{
    "Version": "2012-10-17",
    "Statement": [
         {
            "Sid": "AllowCloudFrontUpdateDistribution",
            "Effect": "Allow",
            "Action": [
                "cloudfront:updateDistribution"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}
```
Refer "Prerequisites" :
https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html

NET::ERR_CERT_COMMON_NAME_INVALID

相关内容