Create certificate using cloudformation fails when using SubjectAlternativeNames

Question

I am trying to use cloudformation to create a certificate. The domain is managed in route53.

```
Resources:
  SiteCert:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref DomainName
      DomainValidationOptions:
        - DomainName: !Ref DomainName
          HostedZoneId: !Ref HostedZoneId
      SubjectAlternativeNames:
        - !Sub
          - www.${Domain}
          - Domain: !Ref DomainName
      ValidationMethod: DNS
```

If I remove the `SubjectAlternativeNames` the cert is created, but with the alternate names it fails to create the second cname record which leaves the cert as in progress for 12 hours before failing and being deleted.

I can see in the cert manager that the domain name has a success status, but the alternate name stays as Pending validation.

In route53, the cname is created for the domain, but no record is created for the alternative names.

Accepted Answer

Hello.

I think it will work if you also specify the subdomain in "DomainValidationOptions".  
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-subjectalternativenames  
```
Resources:
  SiteCert:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref DomainName
      DomainValidationOptions:
        - DomainName: !Ref DomainName
          HostedZoneId: !Ref HostedZoneId
        - DomainName: !Sub "www.${DomainName}"
          HostedZoneId: !Ref HostedZoneId
      SubjectAlternativeNames:
        - !Sub "www.${DomainName}"
      ValidationMethod: DNS
```

Create certificate using cloudformation fails when using SubjectAlternativeNames

Relevanter Inhalt