ACM Requested Public SSL certificate not appearing in CloudFront

Question

I'm creating a CloudFront distribution for an S3 bucket. I successfully created it and mapped the DNS. Now I want to use HTTPS for the DNS.

I created a cert via ACM. But the cert is not appearing in the CloudFront Custom SSL pge.

Any ideas why?

Answer 1

This is very likely down to it being created in the incorrect region. I have made a blog posting on this, and how to resolve it https://www.paulspetprojects.net/solve-ssl-cert-not-appearing-in-aws-cloudfront/

Answer 2

Just in case you're reading this in 2024, when AWS just started to support ECDSA (elliptic curve) key algorithm in ACM. I faced the same issue, however, now the UI looks a bit different and you cannot just paste the certificate ARN in that box.

As it turned out, the issue was that while ACM does support ECDSA, the CloudFront supports only RSA certificates with keys between 1024-3072 bits. So make sure that your certificate has the following in the "Details" panel:

Answer 3

I was able to accomplish the task, however, this is not the answer to the question.

I pasted the certificate ARN to the Custom SSL field and updated the CloudFront distribution. By this way, I was able to add SSL to my custom domain. However, my certificate still not appears in the Drop down menu.

Answer 4

Pls verify whether the certificate is created in us-east-1 region. Cloud front can use certificates that are created in that specific region.