Can't use ACM certificate in Cloudfront China

Question

I am in China region, created a ACM certificate in cn-north-1 region. I then tried to use this certificate to create a cloudfront. But I got error "Invalid request provided: The specified SSL certificate source isn't available in this region."

I then tried to create ACM certificate in cn-northwest-1 region, but result in the same error.

I read the doc, it says I must use us-east-1 to create certificate but that region isn't available in China.

So is it possible to use certificate manager with cloudfront in China?

Accepted Answer

This is answered in public documentation for AWS China in [https://docs.amazonaws.cn/en_us/aws/latest/userguide/cloudfront.html]()

> Amazon CloudFront in the China Regions currently does not support Amazon Certificate Manager. You must get an SSL/TLS certificate from a different third-party certificate authority (CA) and then upload it to the IAM certificate store. For more information, see Importing an SSL/TLS Certificate in the Amazon CloudFront Developer Guide.

Answer

The correct answer is, you need to use third party (e.g. redfort) to issue the certificate in China, because Cloudfront distribution does not support ACM certificate in China regions.

Answer

Hello

If you need to use the Cloudfront , You must create ACM in us-east-1 region then you can use it Cloudfront, Please check the link for the regions https://www.amazonaws.cn/en/about-aws/regional-product-services/

AWS Premium support:

How do I configure my CloudFront distribution to use an SSL/TLS certificate?
https://aws.amazon.com/premiumsupport/knowledge-center/install-ssl-cloudfront/

Thank You
GK

Can't use ACM certificate in Cloudfront China

相關內容