vkt

Reputation: 1459

How to request ACM using AWS default DNS for ELB

I have an application running on AWS ELB and want to set up an HTTPS listener. I tried to request an SSL certificate using AWS ACM but was unable to do so because the ELB is using the default AWS DNS name. Is it possible to request ACM for a DNS name like the one below?

abc-123455.us-east-2.elb.amazonaws.com

Upvotes: 4

Views: 1859

Answers (2)

Ashaman Kingpin

Reputation: 1577

No, you can't create a certificate for a DNS name that you don't own. It is owned by AWS. What you can do is request an ACM for a DNS name that you do own like vamsi_domain.com. Then in Route53 you can use an alias (similar to CNAME) record to alias vamsi_domain.com as abc-123455.us-east-2.elb.amazonaws.com.

See the answer to this question for more information: https://serverfault.com/questions/424253/how-does-one-point-a-domain-to-a-load-balancer-that-doesnt-have-a-stable-ip

Upvotes: 4

Adiii

Reputation: 59926

Type the name of your domain in the Domain name box and choose Next. In this example, I type www.example.com. You must use a domain name that you control. Requesting certificates for domains that you don’t control violates the AWS Service Terms.

So in short, you cannot use the LB DNS name because you do not control the LB DNS name; it is controlled by AWS.

easier-certificate-validation-using-dns-with-aws-certificate-manager

Now, the question is how you will validate the DNS, as AWS ACM requires you to validate ownership of the DNS name.

You may request for the LB DNS, but you will have to validate, and for validation you need to place a CNAME record in your DNS provider's settings or use email.

Upvotes: 3
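
The procedure the two answers describe (request a certificate for a domain you control, prove control with the CNAME record ACM issues, then alias that domain to the load balancer), as an added AWS CLI example that is not part of either answer. It assumes an Application or Network Load Balancer (elbv2), a Route 53 hosted zone for the domain, and configured credentials; www.example.com, my-lb and the zone IDs are placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. Placeholders: domain, zone ID, LB name.

# alias_batch NAME LB_DNS LB_ZONE_ID
# Change batch for an alias A record pointing a name you own at the load balancer.
alias_batch() {
  printf '{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"A","AliasTarget":{"HostedZoneId":"%s","DNSName":"%s","EvaluateTargetHealth":false}}}]}' "$1" "$3" "$2"
}

# cname_batch NAME VALUE
# Change batch for the CNAME record ACM hands out to prove domain control.
cname_batch() {
  printf '{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"CNAME","TTL":300,"ResourceRecords":[{"Value":"%s"}]}}]}' "$1" "$2"
}

# issue_and_alias DOMAIN ROUTE53_ZONE_ID LB_NAME
issue_and_alias() {
  domain="$1"; zone="$2"; lb="$3"
  # 1. Request the certificate for the domain you own, not the *.elb.amazonaws.com name.
  arn=$(aws acm request-certificate --domain-name "$domain" \
        --validation-method DNS --query CertificateArn --output text) || return 1
  sleep 10  # the validation record is not populated immediately
  # 2. Publish the validation CNAME and wait until ACM has issued the certificate.
  set -- $(aws acm describe-certificate --certificate-arn "$arn" \
        --query 'Certificate.DomainValidationOptions[0].ResourceRecord.[Name,Value]' \
        --output text)
  aws route53 change-resource-record-sets --hosted-zone-id "$zone" \
        --change-batch "$(cname_batch "$1" "$2")" || return 1
  aws acm wait certificate-validated --certificate-arn "$arn" || return 1
  # 3. Alias the domain to the load balancer's AWS-owned DNS name.
  set -- $(aws elbv2 describe-load-balancers --names "$lb" \
        --query 'LoadBalancers[0].[DNSName,CanonicalHostedZoneId]' --output text)
  aws route53 change-resource-record-sets --hosted-zone-id "$zone" \
        --change-batch "$(alias_batch "$domain" "$1" "$2")" || return 1
  echo "$arn"  # attach this certificate ARN to the HTTPS:443 listener
}

# Runs only when called with all three arguments, e.g.
#   ./acm-alias.sh www.example.com ZEXAMPLEZONEID my-lb
if [ "$#" -eq 3 ]; then issue_and_alias "$@"; fi
```

The alias record's HostedZoneId is the load balancer's canonical zone ID returned by describe-load-balancers, not the ID of your own hosted zone.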
