Context: I have an AWS Lambda function exposed via API Gateway. I want to secure and expose it through Cloudflare.

Steps to Replicate:

  • In API Gateway, create a custom domain.

  • During creation, AWS requires a certificate, so I generate one for:

  1. mydomain
  2. api.mydomain
  3. www.mydomain

AWS provides three CNAME records to add in Cloudflare with this structure: Domain, Type, CNAME Name, CNAME Value

  • I add these CNAME records in Cloudflare DNS.

  • I wait for AWS validation (it always fails).

What I Have Tried:

  • Removed the trailing dot (.) from the CNAME name and value (Cloudflare removes it automatically).
  • Set records to DNS Only (not proxied).
  • Verified CNAME propagation using dig and DNSChecker (records are reachable).
  • Tested using only one domain for validation.
  • Deleted and recreated the certificate request.
  • Tried configuring the DNS in Hostinger instead of Cloudflare (same failure).

Still having the issue, thanks in advance for your help

asked Mar 25 at 21:04 by Juan

1 Answer

Well, after struggling a bit... I found the issue in MY context. In case it helps someone...

My issue was that I was just adding the CNAMEs, which is something I have to do… but my DNS records in Cloudflare didn't include this configuration, which is needed for AWS to be able to generate the certificate.

So after I configured 2 records per URL (1 for wildcard, 1 for literal) for each of these domains:

  • amazon

  • amazontrust

  • awstrust

  • amazonaws

The issue seems to be gone!
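
Added example, not part of the original answer: the four names listed match the CA domains ACM documents for CAA records, so this code assumes the answer's records are CAA `issue` (literal) and `issuewild` (wildcard) entries and evaluates a zone's CAA data the way RFC 8659 describes. `example.com` and the zone contents are constructed placeholders, with records written in `dig +short CAA` form.

```python
# Added example (not from the original post). Zone data below is constructed.
AMAZON_CAS = {"amazon.com", "amazontrust.com", "awstrust.com", "amazonaws.com"}
KNOWN_TAGS = {"issue", "issuewild", "iodef"}

def parse_caa(line):
    """Parse one record in `dig +short CAA` form: <flags> <tag> "<value>"."""
    flags, tag, value = line.split(None, 2)
    issuer = value.strip().strip('"').split(";", 1)[0].strip().lower()
    return int(flags), tag.lower(), issuer

def relevant_rrset(name, zone):
    """Climb from the name toward the root; the first non-empty CAA set applies."""
    labels = name.rstrip(".").lower().split(".")
    if labels[0] == "*":
        labels = labels[1:]
    for i in range(len(labels)):
        records = zone.get(".".join(labels[i:]))
        if records:
            return [parse_caa(r) for r in records]
    return []

def amazon_may_issue(name, zone):
    """True if the CAA data in `zone` lets an Amazon CA issue for `name`."""
    records = relevant_rrset(name, zone)
    # An unrecognised tag with the critical bit (128) set forbids issuance.
    if any(flags & 128 and tag not in KNOWN_TAGS for flags, tag, _ in records):
        return False
    issue = [v for _, t, v in records if t == "issue"]
    issuewild = [v for _, t, v in records if t == "issuewild"]
    # For wildcard names, issuewild replaces issue when present (RFC 8659).
    applicable = issuewild if name.startswith("*.") and issuewild else issue
    if not applicable:
        return True  # nothing restricts issuance
    return any(v in AMAZON_CAS for v in applicable)

# Constructed zones: `name -> CAA lines`; example.com is a placeholder domain.
BEFORE = {"example.com": ['0 issue "letsencrypt.org"']}
AFTER = {"example.com": BEFORE["example.com"] + [
    '0 issue "amazon.com"', '0 issuewild "amazon.com"']}

if __name__ == "__main__":
    for name in ("example.com", "api.example.com", "*.example.com"):
        print(name, amazon_may_issue(name, BEFORE), amazon_may_issue(name, AFTER))
```

A CAA set on the apex that names only another CA blocks issuance for every subdomain beneath it, which is why correct validation CNAMEs alone can still end in a failed request.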
