BUG: ACM DNS Validation


When I request DNS validation in ACM it requires a CNAME like this...


note the period (dot / full stop) at the end

I then click the button to create the record in Route53 it creates this:


(no dot)

Route53 does not allow me to create a CNAME with a period at the end.

What do I do?

1 Respuesta


In Amazon Route 53, the trailing "." in a domain name is optional and is considered the same with or without the trailing ".".

For record types that include a domain name, enter a fully qualified domain name, for example, www.example.com. The trailing dot is optional; Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats www.example.com (without a trailing dot) and www.example.com. (with a trailing dot) as identical.

profile picture
respondido hace 3 meses
  • Ok, my certificate has been pending since yesterday. I figured that was the problem. What else could be wrong?

  • Can I resolve the domain name using the following command? https://repost.aws/knowledge-center/acm-certificate-pending-validation

    dig +short _example-cname.example.com
    dig NS example.com

    If you cannot check the NS records, please try checking the NS records using the "whois" command. If the result checked with whois and the NS record registered in Route53 are different, please change it to the NS record checked with whois.

    whois example.com
  • Ha ok it looks like the create cname button didn't actually create the cname...

    ➜  ~ dig _e9c658db0586a960e37c249b87ba0b12.intentional.industries CNAME
    ; <<>> DiG 9.10.6 <<>> _e9c658db0586a960e37c249b87ba0b12.intentional.industries CNAME
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37138
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
    ; EDNS: version: 0, flags:; udp: 512
    ;_e9c658db0586a960e37c249b87ba0b12.intentional.industries. IN CNAME
    intentional.industries.	900	IN	SOA	ns-1335.awsdns-38.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
    ;; Query time: 302 msec
    ;; SERVER: fe80::66cc:22ff:fe9a:d4f4%6#53(fe80::66cc:22ff:fe9a:d4f4%6)
    ;; WHEN: Fri Feb 16 09:23:36 GMT 2024
    ;; MSG SIZE  rcvd: 170
  • Did you create it from the button "Create recodes in Route53"? a

  • yes I did - I just went through the process again to make sure. I added subdomains api. and www. all three records were created in route53 but still pending validation forever...

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas