As specified in the launch blog post: https://aws.amazon.com/blogs/security/easier-certificate-validation-using-dns-with-aws-certificate-manager/ and in the DNS Public Docs: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
If the customer validates a certificate using DNS:
ACM automatically renews certificates that are deployed and in use with other AWS services as long as the CNAME record remains in your DNS configuration. To learn more about ACM DNS validation, see the ACM FAQs and the ACM documentation.
Establishing a TLS connection to the domain will not be necessary to automatically renew DNS-Validated Certificates as long as the CNAMEs used to initially validate the domain(s) are still reachable via public DNS.
Hope that helps!
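
An added example (not part of the answer above and not AWS code) that checks the condition the answer describes: for a certificate in use by an AWS service, each DNS-validation CNAME must still resolve to the value ACM issued. The certificate dict follows the shape of ACM's DescribeCertificate output with constructed values, and `lookup_cname` is a hypothetical resolver hook, stubbed here so the check runs offline.

```python
# Added example. SAMPLE_CERT mirrors the shape of ACM DescribeCertificate's
# "Certificate" object; every value in it is constructed sample data.
SAMPLE_CERT = {
    "DomainName": "example.com",
    "InUseBy": ["arn:aws:elasticloadbalancing:EXAMPLE"],
    "DomainValidationOptions": [
        {"DomainName": "example.com", "ValidationMethod": "DNS",
         "ResourceRecord": {"Name": "_aaa.example.com.", "Type": "CNAME",
                            "Value": "_111.acm-validations.aws."}},
        {"DomainName": "www.example.com", "ValidationMethod": "DNS",
         "ResourceRecord": {"Name": "_bbb.www.example.com.", "Type": "CNAME",
                            "Value": "_222.acm-validations.aws."}},
        {"DomainName": "api.example.com", "ValidationMethod": "DNS",
         "ResourceRecord": {"Name": "_ccc.api.example.com.", "Type": "CNAME",
                            "Value": "_333.acm-validations.aws."}},
    ],
}
# Constructed stand-in for public DNS: one record intact, one deleted, one altered.
STUB_DNS = {
    "_aaa.example.com": "_111.acm-validations.aws.",
    "_ccc.api.example.com": "other-host.example.net.",
}

def normalize(name):
    """Lower-case and drop the trailing dot so DNS names compare equal."""
    return name.rstrip(".").lower()

def audit_validation_records(cert, lookup_cname):
    """Return (domain, problem) tuples; an empty list means nothing blocks renewal.

    lookup_cname(name) -> CNAME target or None (hypothetical resolver hook).
    """
    problems = []
    if not cert.get("InUseBy"):
        problems.append((cert["DomainName"], "not in use by an AWS service"))
    for opt in cert.get("DomainValidationOptions", []):
        domain, rr = opt["DomainName"], opt.get("ResourceRecord")
        if opt.get("ValidationMethod") != "DNS" or not rr:
            problems.append((domain, "not DNS-validated"))
            continue
        target = lookup_cname(normalize(rr["Name"]))
        if target is None:
            problems.append((domain, "validation CNAME missing from DNS"))
        elif normalize(target) != normalize(rr["Value"]):
            problems.append((domain, "validation CNAME points elsewhere"))
    return problems

if __name__ == "__main__":
    for domain, problem in audit_validation_records(SAMPLE_CERT, STUB_DNS.get):
        print(f"{domain}: {problem}")
```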