Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Certificate in Pending state in AWS Certificate Manager

Our project is deployed on Elastic Beanstalk and I want to run this on HTTPs. I created my certificate on AWS Certificate Manager and choose DNS verification option. I added provided data in my Godaddy DNS records. Below is my sample data

Domain Name | Record Name | Record Type | Record Value 

example.com | _8046ecb910c52234234234234232ecae.example.com. | CNAME | _81b05686qweerttcxsaxasdadas5a566.tljzshvwok.acm-validations.aws. 

*.example.com | _8046ecb910c52234234234234232ecae.example.com. | CNAME |  _81b05686qweerttcxsaxasdadas5a566.tljzshvwok.acm-validations.aws.

AWS has given my two records for example.com and *.example.com but both records are same. So I added one CNAME record in Godaddy DNS entries. I waited for three days and my certificate was still in pending state which in the end expired. I created a new one and I have been waiting for 24 hours and it is still in pending state. I cannot use Email verification method as I am not owner of this domain.

like image 937
Muhammad Hassan Avatar asked Nov 06 '18 05:11

Muhammad Hassan


People also ask

How long does AWS Certificate Manager validation take?

The certificate you requested is displayed so that you can see the status of your request. After you write the DNS record or have ACM write the record for you, it typically takes DNS 30 minutes to propagate the record, and it might take several hours for Amazon to validate it and issue the certificate.

How do I verify an AWS certificate?

How can I verify an individual's certification status? To verify an AWS Certification, ask the earner for an AWS Certification digital badge link. Via Credly's Acclaim platform, we provide digital badges to everyone who earns an AWS Certification to support recognition and verification.

Where do I find my AWS certificate?

Open the AWS Certificate Manager console at https://console.aws.amazon.com/acm/home . Expand a certificate to view its details. Find the Renewal Status in the Details section. If you don't see the status, ACM hasn't started the managed renewal process for this certificate.

What is an ACM certificate?

A Certification for Health Delivery System Case Management and Transitions of Care Professionals. The ACM Certification was created by ACMA in 2005, and is designed specifically for health delivery system and transitions of care (TOC) case management professionals.


2 Answers

An apparently common error is to paste the entire hostname into a box that does not expect an FQDN, thus creating a record that actually looks like this in DNS (though you may not observe it this way on the screen):

_8046ecb910c52234234234234232ecae.example.com.example.com

For the "hostname," just use _8046ecb910c52234234234234232ecae when creating the record.

After creating it, use dig or nslookup to verify that it resolves as expected.

like image 61
Michael - sqlbot Avatar answered Oct 02 '22 11:10

Michael - sqlbot


I had similar issue with AWS certificate in 'Pending validation' state for quite some time. After few tries I finally got it to get in 'Success' state. It might vary by domain registrar , in my case it was NameCheap.

Refer the screenshots from AWS ACM and NameCheap to follow the step that got it working for me:

DNS record validation

like image 27
zennni Avatar answered Oct 02 '22 12:10

zennni