跳至內容
使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post
關於 re:Post

Why is my request for an aws https certificate always failing?

0

Ok I own "tradez.co.nz", purchased it with aws, have it working with http. It is clear that it is being recognised by aws. Yet it is not! Every time I request a secure certificate it goes pending for 2 days and fails. I have tried both the DNS and email verification procedures. I have registered the IAM user "admin@tradez.co.nz" yet cant find where to check for any possible verification email. Furthermore, why is the DNS method not working when aws clearly knows I have the domain with all the DNS setup otherwise plain http would not be working? Confused.

主題
前端網頁與行動裝置商業應用安全性、身分識別與合規網路與內容交付
標籤
AWS Certificate ManagerAmazon Route 53Amazon Simple Email Service
語言
English
已提問 1 年前檢視次數 87 次
1 個回答
0

Your issue with obtaining a secure certificate for "tradez.co.nz" through AWS Certificate Manager (ACM) seems to involve several aspects of domain ownership, DNS configuration, and certificate validation. Let's break down the problem and provide some potential solutions:

  1. Domain Ownership and DNS Configuration: While you've purchased the domain through AWS and have HTTP working, this doesn't necessarily mean that AWS automatically recognizes your ownership for SSL/TLS certificate issuance. ACM requires additional verification.

  2. Certificate Validation Methods: ACM offers two validation methods: DNS validation and Email validation.

a) DNS Validation: This method requires you to add a CNAME record to your DNS configuration.

[+] https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html

If DNS validation is failing, ensure that:

  • You have proper permissions to modify DNS records
  • The CNAME record is correctly added to your DNS configuration
  • You're waiting long enough for DNS propagation (can take up to 48 hours)

b) Email Validation: For email validation, ACM sends verification emails to specific addresses associated with your domain.

[+] https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html

  1. IAM User and Email Verification: The IAM user "admin@tradez.co.nz" is not directly related to the certificate validation process. For email validation, ACM sends emails to predefined addresses like:
  • administrator@your_domain_name
  • hostmaster@your_domain_name
  • postmaster@your_domain_name
  • webmaster@your_domain_name
  • admin@your_domain_name
  1. Troubleshooting Steps: a) Verify Domain Ownership: Ensure that the domain's WHOIS information is up to date and matches your details.

b) Check DNS Configuration: Use the dig command or online DNS lookup tools to verify your DNS records.

c) Review ACM Console: In the ACM console, check the status of your certificate request and look for any error messages.

d) Use AWS CLI: You can use the AWS CLI to get more detailed information about your certificate request:

aws acm describe-certificate --certificate-arn <your-certificate-arn>

e) Contact AWS Support: If all else fails, consider contacting AWS Support for assistance.

By following these steps and consulting the AWS documentation, you should be able to troubleshoot and resolve the issue with your SSL/TLS certificate for "tradez.co.nz".

AWS
專家
已回答 1 年前
專家
已審閱 1 年前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

相關內容