Reputation: 748
aws how to set up ssl certificates for cloudfront distribution, for route 53 hosted domain?
I have registered a domain (my-domain.com) through Route 53 and I have a static website that is served out of an S3 bucket.
My goal is to set up a Cloudfront distribution for my S3 bucket, and then use the Cloudfront endpoint to direct my domain at.
I followed this video (https://www.youtube.com/watch?v=DiIaoIcoKNY), specifically the Process 2 approach (using an S3 website endpoint as the origin within Cloudfront). It starts at about 6 min 40 secs in the video.
When I got up to the point where they enter the SSL Certificate (at 9 min 15 secs), I selected 'Request or Import a Certificate with ACM' because I don't have any certificate.
I then went into Certificate Manager and requested one. It allowed me to download a file called DNS_Configuration.csv that contained two CNAME records. The status in Certificate Manager is 'Validation not complete' and I am stuck as how to go from here. I have attached a screen shot of this screen in Certificate Manager.
I understand I need to validate the DNS configuration to receive the certificates, but how can I do this given I need my Cloudfront distribution set up as target for my Route 53 record sets? I.e., if I set up record sets in Route 53 (see screen shot), then I need to point it to my Cloudfront distribution. But I cannot create the CF distribution because I don't have the certificates.
I feel like I'm in a catch 22, so any help to get me to the next step from here would be great!
Links to my screen shots:
Upvotes: 1
Views: 1145
Answers (1)
Reputation: 8603
You will set up an A record and point to aaabsbsbsbexample@cloudfront.net in order to get your website domain such as example.com served by cloudfront distribution.
In order to validate the certificate request, you will setup a CNAME record in order to confirm the ownership of the domain as requested by ACM. this CNAME is different to your website's domain. For example the CNAME key will be like _x1.example.com and the value be like _x2.acm-validations.aws
Upvotes: 1
Related Questions
- CloudFront distribution and AWS issued certificate gives SSL_ERROR_NO_CYPHER_OVERLAP
- Setting CNAMEs to CloudFront
- AWS: imported SSL certificate not showing up in CloudFront
- Problem associating CloudFront distribution with Route 53 domain
- Cloudfront with EC2 instance
- Cloudfront serving over own SSL certificate
- Use what Origin and ServerName for SSL certificate between CloudFront and EC2 Origin?
- How to use Amazon ACM cert with Cloudfront?
- Use CA certificate for AWS CloudFront
- How to install SSL on CloudFront correctly?