Create certificate using CloudFormation fails when using SubjectAlternativeNames

0

I am trying to use CloudFormation to create a certificate. The domain is managed in Route 53.

Resources:
  SiteCert:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref DomainName
      DomainValidationOptions:
        - DomainName: !Ref DomainName
          HostedZoneId: !Ref HostedZoneId
      SubjectAlternativeNames:
        - !Sub
          - www.${Domain}
          - Domain: !Ref DomainName
      ValidationMethod: DNS

If I remove the SubjectAlternativeNames, the cert is created, but with the alternate names it fails to create the second CNAME record, which leaves the cert as in progress for 12 hours before failing and being deleted.

I can see in the cert manager that the domain name has a success status, but the alternate name stays as Pending validation.

In Route 53, the CNAME is created for the domain, but no record is created for the alternative names.

1 Answer
1
Accepted Answer

Hello.

I think it will work if you also specify the subdomain in "DomainValidationOptions".
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-subjectalternativenames

Resources:
  SiteCert:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref DomainName
      DomainValidationOptions:
        - DomainName: !Ref DomainName
          HostedZoneId: !Ref HostedZoneId
        - DomainName: !Sub "www.${DomainName}"
          HostedZoneId: !Ref HostedZoneId
      SubjectAlternativeNames:
        - !Sub "www.${DomainName}"
      ValidationMethod: DNS
Expert
answered 3 months ago
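A pre-deployment check for the mismatch discussed in this thread, added here as an example and not code from the question, the answer, or AWS: it lists every certificate name (DomainName plus SubjectAlternativeNames) that has no DomainValidationOptions entry with a HostedZoneId. It assumes the template is in JSON form, handles only Ref and Fn::Sub, and uses constructed parameter values (`example.com`, `Z0000000EXAMPLE`); the function names are hypothetical.

```python
import re

def resolve(value, params):
    """Resolve the two intrinsics used on this page: Ref and Fn::Sub."""
    if isinstance(value, str):
        return value
    if "Ref" in value:
        return params[value["Ref"]]
    if "Fn::Sub" in value:
        sub = value["Fn::Sub"]
        text, local = (sub, {}) if isinstance(sub, str) else sub
        scope = {**params, **{k: resolve(v, params) for k, v in local.items()}}
        return re.sub(r"\$\{(\w+)\}", lambda m: scope[m.group(1)], text)
    raise ValueError(f"unsupported intrinsic: {value!r}")

def unvalidated_names(template, params):
    """Per DNS-validated certificate, names with no DomainValidationOptions
    entry that carries a HostedZoneId."""
    findings = {}
    for logical_id, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if (res.get("Type") != "AWS::CertificateManager::Certificate"
                or props.get("ValidationMethod") != "DNS"):
            continue
        wanted = [props["DomainName"], *props.get("SubjectAlternativeNames", [])]
        covered = {resolve(o["DomainName"], params)
                   for o in props.get("DomainValidationOptions", [])
                   if "HostedZoneId" in o}
        missing = [n for n in (resolve(w, params) for w in wanted) if n not in covered]
        if missing:
            findings[logical_id] = missing
    return findings

# Constructed sample input: the thread's two templates in JSON form.
PARAMS = {"DomainName": "example.com", "HostedZoneId": "Z0000000EXAMPLE"}
APEX = {"DomainName": {"Ref": "DomainName"}, "HostedZoneId": {"Ref": "HostedZoneId"}}
WWW = {"DomainName": {"Fn::Sub": "www.${DomainName}"}, "HostedZoneId": {"Ref": "HostedZoneId"}}

def site_cert(options):
    # SAN written in the question's list form of Fn::Sub.
    san = {"Fn::Sub": ["www.${Domain}", {"Domain": {"Ref": "DomainName"}}]}
    return {"Resources": {"SiteCert": {
        "Type": "AWS::CertificateManager::Certificate",
        "Properties": {"DomainName": {"Ref": "DomainName"},
                       "DomainValidationOptions": options,
                       "SubjectAlternativeNames": [san],
                       "ValidationMethod": "DNS"}}}}

if __name__ == "__main__":
    print(unvalidated_names(site_cert([APEX]), PARAMS))       # question's options
    print(unvalidated_names(site_cert([APEX, WWW]), PARAMS))  # answer's options
```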