Reputation: 221
Certificate must have a fully-qualified domain name, a supported signature, and a supported key size
I am trying to add certificate listner against a certificate using following code
const listenerBody = {
Certificates: [
{
CertificateArn: certificate.certificate_arn
},
],
ListenerArn: httpsListnerArn
}
elbv2.addListenerCertificates(listenerBody, async function (err, data) {}
But I am getting following error
UnsupportedCertificate: The certificate 'arn:aws:acm:us-west-2:557863456534:certificate/7accec1c-57df-4c6f-a5c5-3f76b1fa9f92' must have a fully-qualified domain name, a supported signature, and a supported key size.
Upvotes: 20
Views: 16793
Answers (2)
Reputation: 81
In my case, it was the timing after cert creation and validation. I needed to sleep about 20 seconds for the process to go smoothly. I slept 10 seconds for starters, only worked when I waited 20, so somewhere between 10-20 seconds the Cert becomes detectable on the LBs.
Upvotes: 7
Reputation: 504
Error messages can be a bit misleading at times. You may receive this error if the certificate is still pending validation. If the certificate was recently added to AWS Certificate Manager, make sure that it has been validated. Certificates will not be available for use unless you are able to validate that you own or control the domain(s). You can validate ownership using email or DNS.
Upvotes: 35
Related Questions
- Provided certificate is not a valid self signed. Please provide either a valid self-signed certificate or certificate chain
- AWS: "Unable to parse certificate. Please ensure the certificate is in PEM format."
- AWS-issued certificate failure
- SSL certification not working when I don't use https before my domain name
- ValidationException in AWS when creating a CA Certificate
- How to upload a SSL certificate to IAM
- SSL Certificate + EC2
- ssl certificate for aws
- AWS security certificate
- SSL Error on using Amazon ELB