Stack Overflow Asked by Abdi on November 10, 2021
I am trying to create a Cloudfront distribution for a subdomain, e.g. dev.example.com. However, after adding the details for the objects origin and I enter the alternate domain names (CNAMES) section and add: dev.example.com I get the following error when I click on create distribution:
com.amazonaws.services.cloudfront.model.InvalidViewerCertificateException: To add an alternate domain name (CNAME) to a CloudFront distribution, you must attach a trusted certificate that validates your authorization to use the domain name. For more details, see: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-requirements (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidViewerCertificate; Request ID: fb305ccd-21e7-4bf8-a55c-df1304c06ac1; Proxy: null)
I am managing my domian dns through Route 53. I’ve created a certificate through ACM already, but the option to select a custom SSL certificate is greyed out. I’ve gone through the AWS Docs and couldn’t find any solution so far.
You Have to Create the ACM certificate in us-east-1 . Did you ?
Answered by Oxi on November 10, 2021
This error indicates that the certificate that is attempting to be used is incorrect.
Your ACM certificate must be created in us-east-1 for a CloudFront distribution. The reason for this is that CloudFront is a global service, global services can only attach regional services that exist within us-east-1. They also will appear in CloudWatch and CloudTrail under the region of us-east-1.
It must also cover the domain you're using. In your case either dev.example.com or *.example.com must be included on your certificate.
Answered by Chris Williams on November 10, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP