Situation
I have an AWS Amplify app that is going to replace an existing website. The website is hosted on Netlify with GoDaddy being the DNS server. Let's say the current production domain is mywebsite.com.
I have followed this guide but I am stuck on step 6 of AWS ACM certificates as a name.
My Attempts
First off, I have these domains generated by Amplify:
Next in the GoDaddy domains, I have these CNAME records that point to Netlify:
Following the guide, I made this record for the dev branch to point to amplify:
I know this record is working because when I visit dev.mywebsite.com I get this webpage.
So then I need to follow the steps from the guide, which are:
- Create the second CNAME record to point to the AWS Certificate Manager (ACM) validation server. A single validated ACM generates an SSL/TLS certificate for your domain.
- For Type, choose CNAME.
- For Name, enter the subdomain.
- For example, if the DNS record in the Amplify console for verifying ownership of your subdomain is _c3e2d7eaf1e656b73f46cd6980fdc0e.example.com, enter only _c3e2d7eaf1e656b73f46cd6980fdc0e for Name.
- For Value, enter the ACM validation certificate.
- For example, if the validation server is _cjhwou20vhu2exampleuw20vuyb2ovb9.j9s73ucn9vy.acm-validations.aws, enter _cjhwou20vhu2exampleuw20vuyb2ovb9.j9s73ucn9vy.acm-validations.aws for Value.
- Choose Add record.
So it was a little confusing, but I went to AWS ACM and requested a certificate for the domain *.mywebsite.com. I got the certificate approved. The CNAME name was _c123abc123abc.mywebsite.com. and the CNAME value was _abc123.stuff.acm-validations.aws.
I went to GoDaddy and made a CNAME record as the following:
Results
This is still not working and I get the webpage that says site cannot provide a secure connection.
Possible Solutions
- I can change the requested domain name in the AWS Cert Manager. Perhaps this should be *.abc123.amplifyapp.com instead of *.mywebsite.com
- I can forgo dealing with GoDaddy and just request the domain transfer to Amazon. I fear that this transfer would take a while, and mess up custom domain email to my email client Titan Mail. This might be the better long-term solution though.
Thanks for your help
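
The guide's "enter only the subdomain for Name" step, as an added example that is not part of the original post or the AWS guide: it converts an ACM validation record into the zone-relative Name field and checks an entered record against what ACM asked for. It assumes the DNS provider appends the zone to whatever is typed into Name and uses `@` for the apex; the function names are hypothetical and the sample values are the placeholders from the post.

```python
# Added example: derive registrar-relative CNAME fields from an ACM validation
# record and check an entered record against it.
# Assumption: the provider's Name field is relative to the zone apex ("@" = apex),
# as the guide's "enter only _c3e2... for Name" step implies.

def _norm(name: str) -> str:
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def relative_name(fqdn: str, zone: str) -> str:
    """Return the label(s) to type into the Name field for `fqdn` in `zone`."""
    fqdn, zone = _norm(fqdn), _norm(zone)
    if fqdn == zone:
        return "@"
    suffix = "." + zone
    if not fqdn.endswith(suffix):
        raise ValueError(f"{fqdn} is not inside zone {zone}")
    return fqdn[: -len(suffix)]

def effective_fqdn(name_field: str, zone: str) -> str:
    """FQDN that results when the provider appends the zone to the Name field."""
    name_field, zone = _norm(name_field), _norm(zone)
    return zone if name_field == "@" else f"{name_field}.{zone}"

def check_record(name_field, value_field, acm_name, acm_value, zone):
    """Compare an entered record with the one ACM issued; return a list of problems."""
    problems = []
    got, want = effective_fqdn(name_field, zone), _norm(acm_name)
    if got != want:
        if got == f"{want}.{_norm(zone)}":
            problems.append(f"zone appended twice: record lives at {got}")
        else:
            problems.append(f"name resolves to {got}, ACM expects {want}")
    if _norm(value_field) != _norm(acm_value):
        problems.append(f"value {value_field!r} does not match {acm_value!r}")
    elif not _norm(value_field).endswith(".acm-validations.aws"):
        problems.append("value is not an acm-validations.aws target")
    return problems

# Constructed sample, using the placeholder values from the post.
ZONE = "mywebsite.com"
ACM_NAME = "_c123abc123abc.mywebsite.com."
ACM_VALUE = "_abc123.stuff.acm-validations.aws."

if __name__ == "__main__":
    print("Name field:", relative_name(ACM_NAME, ZONE))
    print(check_record("_c123abc123abc.mywebsite.com", ACM_VALUE,
                       ACM_NAME, ACM_VALUE, ZONE))
```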