Create certificate using cloudformation fails when using SubjectAlternativeNames

0

I am trying to use cloudformation to create a certificate. The domain is managed in route53.

Resources:
  SiteCert:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref DomainName
      DomainValidationOptions:
        - DomainName: !Ref DomainName
          HostedZoneId: !Ref HostedZoneId
      SubjectAlternativeNames:
        - !Sub
          - www.${Domain}
          - Domain: !Ref DomainName
      ValidationMethod: DNS

If I remove the SubjectAlternativeNames the cert is created, but with the alternate names it fails to create the second cname record which leaves the cert as in progress for 12 hours before failing and being deleted.

I can see in the cert manager that the domain name has a success status, but the alternate name stays as Pending validation.

In route53, the cname is created for the domain, but no record is created for the alternative names.

1 Risposta
1
Risposta accettata

Hello.

I think it will work if you also specify the subdomain in "DomainValidationOptions".
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-subjectalternativenames

Resources:
  SiteCert:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref DomainName
      DomainValidationOptions:
        - DomainName: !Ref DomainName
          HostedZoneId: !Ref HostedZoneId
        - DomainName: !Sub "www.${DomainName}"
          HostedZoneId: !Ref HostedZoneId
      SubjectAlternativeNames:
        - !Sub "www.${DomainName}"
      ValidationMethod: DNS
profile picture
ESPERTO
con risposta 4 mesi fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande