Prerequisites
A Route53 hosted zone for your domain.
AWS Certificate Manager
It is very important to select the US East (N. Virginia) region before you request your certificate if you want to use the certificate in a CloudFront distribution.
If you want to use a certificate in another region, for example with an Application Load Balancer, create your certificate in the region where you create your load balancer.
Navigate to Certificate Manager > Provision certificates > Get Started.
Request a certificate | |
Request a public certificate |
Click on 'Request a certificate'.
Add domain names | |
Domain name |
Add the domain name that you want the certificate to be issued to. Use an asterisk (*) to request a wildcard certificate to protect several sites in the same domain. For example: *.example.com protects www.example.com, site.example.com and images.example.com. For the CloudFront distribution to work, it is important to request the certificate for the naked domain and, optionally, the wildcard name, for example: gateway53.com *.gateway53.com |
Click 'Next'.
Select validation method | |
DNS validation |
ACM can validate ownership by using DNS or by sending email to the contact addresses of the domain owner. Choose DNS validation if your domain is hosted by Route53 and you own and control the domain. |
Click 'Next'.
Add Tags: Tag Name: G53_ACM Value: .gateway53.com (if applicable).
Click 'Review' and 'Confirm and request'.
You have to create a CNAME record for the requested domain(s) before AWS can issue your certificate.
Export your 'DNS configuration file' and save it in a safe place.
Click 'Continue'.
Navigate to Route53 > Hosted zones > select your applicable zone.
Click on 'Create Record Set'.
Create Record Set | |
Name | Enter the value specified under Record Name in your configuration file (excluding the naked domain, for example: gateway53.com). |
Type | CNAME |
Alias | No |
TTL (seconds) | 60 (1m) |
Value | Enter the value specified under Record Value in your configuration file. |
Routing Policy | Simple |
Click 'Create'.
Navigate to Certificate Manager > Certificates to check on the status of the certificate.
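The record-set step above can be checked and scripted offline. The following is an added example, not part of the original guide: it reads an exported DNS configuration file, verifies that each row is a CNAME inside your hosted zone whose value points at ACM, derives the console 'Name' value with the naked domain removed, and builds the equivalent Route53 change batch. The CSV column layout and the validation tokens are assumptions constructed for illustration; a naked domain and its wildcard normally share one validation CNAME, so duplicates are collapsed.

```python
import csv
import io
import json

# Constructed sample of an exported ACM "DNS configuration file".
# Column layout is an assumption; tokens are made up, not real values.
SAMPLE_CSV = """Domain Name,Record Name,Record Type,Record Value
gateway53.com,_0123abcd.gateway53.com.,CNAME,_4567ef89.acm-validations.aws.
*.gateway53.com,_0123abcd.gateway53.com.,CNAME,_4567ef89.acm-validations.aws.
"""
ACM_SUFFIX = ".acm-validations.aws"  # ACM validation targets end with this

def console_name(record_name, zone):
    """Value for the console 'Name' box: the record name without the zone."""
    fqdn, zone = record_name.rstrip(".").lower(), zone.rstrip(".").lower()
    if not fqdn.endswith("." + zone):
        raise ValueError(f"{record_name} is not inside zone {zone}")
    return fqdn[: -len(zone) - 1]

def validation_records(csv_text, zone):
    """Return unique (fqdn, value) CNAME pairs, rejecting unexpected rows."""
    seen = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Record Type"].strip().upper() != "CNAME":
            raise ValueError(f"unexpected record type for {row['Domain Name']}")
        value = row["Record Value"].strip()
        if not value.rstrip(".").lower().endswith(ACM_SUFFIX):
            raise ValueError(f"value does not point at ACM: {value}")
        name = row["Record Name"].strip()
        console_name(name, zone)  # raises if the record is outside the zone
        seen[name.rstrip(".").lower() + "."] = value
    return sorted(seen.items())

def change_batch(csv_text, zone, ttl=60):
    """Route53 change batch equivalent to the record set created by hand."""
    changes = [
        {"Action": "UPSERT",
         "ResourceRecordSet": {"Name": name, "Type": "CNAME", "TTL": ttl,
                               "ResourceRecords": [{"Value": value}]}}
        for name, value in validation_records(csv_text, zone)
    ]
    return {"Comment": "ACM DNS validation", "Changes": changes}

if __name__ == "__main__":
    print(console_name("_0123abcd.gateway53.com.", "gateway53.com"))
    print(json.dumps(change_batch(SAMPLE_CSV, "gateway53.com"), indent=2))
```

The printed batch can be saved to a file and applied with `aws route53 change-resource-record-sets --hosted-zone-id <your-zone-id> --change-batch file://batch.json`, where `<your-zone-id>` is a placeholder for your own hosted zone ID.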