问题
Our project is deployed on Elastic Beanstalk and I want to run this on HTTPs. I created my certificate on AWS Certificate Manager and choose DNS verification option. I added provided data in my Godaddy DNS records. Below is my sample data
Domain Name | Record Name | Record Type | Record Value
example.com | _8046ecb910c52234234234234232ecae.example.com. | CNAME | _81b05686qweerttcxsaxasdadas5a566.tljzshvwok.acm-validations.aws.
*.example.com | _8046ecb910c52234234234234232ecae.example.com. | CNAME | _81b05686qweerttcxsaxasdadas5a566.tljzshvwok.acm-validations.aws.
AWS has given my two records for example.com and *.example.com but both records are same. So I added one CNAME record in Godaddy DNS entries. I waited for three days and my certificate was still in pending state which in the end expired. I created a new one and I have been waiting for 24 hours and it is still in pending state. I cannot use Email verification method as I am not owner of this domain.
回答1:
An apparently common error is to paste the entire hostname into a box that does not expect an FQDN, thus creating a record that actually looks like this in DNS (though you may not observe it this way on the screen):
_8046ecb910c52234234234234232ecae.example.com.example.com
For the "hostname," just use _8046ecb910c52234234234234232ecae when creating the record.
After creating it, use dig or nslookup to verify that it resolves as expected.
回答2:
I had similar issue with AWS certificate in 'Pending validation' state for quite some time. After few tries I finally got it to get in 'Success' state. It might vary by domain registrar , in my case it was NameCheap.
Refer the screenshots from AWS ACM and NameCheap to follow the step that got it working for me:
回答3:
I also had this issue and waited a day but still Pending Validation. I followed answers here but still got confused and Pending Validation so I decided to share the step by step of what worked for me in NameCheap.
In AWS:
- Export the DNS configuration file. It will have something like this.
Domain Name,Record Name,Record Type,Record Value
mysite.io,_beocc4be975f27599f5d77f87af84321.mysite.io.,CNAME,_6ae531c5dad6c5ceeefd65a73d532881.dumrqilasr.acm-validations.aws.
In NameCheap:
- Choose "Domain" tab > NameServers - Choose NameCheap Basic DNS
- Choose "Advanced DNS" tab > Host Records
- Under Type, choose "CNAME record"
- Under Host, use the value in "Record Name". Do not include the domain name.
_beocc4be975f27599f5d77f87af84321.
- Under Value, use the value in "Record Value". Copy everything.
_6ae531c5dad6c5ceeefd65a73d532881.dumrqilasr.acm-validations.aws.
- Under TTL, choose "Automatic"
- Save the settings by clicking the check icon right beside TTL.
In AWS:
- Refresh the AWS Certificate Manager after 2-5 minutes. It should only take a few minutes for Amazon status to change from Pending Validation to Issued.
来源:https://stackoverflow.com/questions/53166438/certificate-in-pending-state-in-aws-certificate-manager