AWS Certificate Manager DNS Validation

Introduction:

In this post, I have created an HTTPS certificate in AWS Certificate Manager (ACM) and validated it with my domain in AWS Route 53 using DNS validation.

Step 1: Register a domain.

Step 2: Purchase the domain: enter all the personal details, check out, and complete the payment. It will show in the pending payments section under Route 53.

Step 3: Once the domain is registered, it will show as below:

Step 4: Create a hosted zone for the registered domain.

Step 5: This creates NS and SOA records as below:

Verify that the NS records in the hosted zone are the same as the name servers listed on the registered domain. If they are not, add the hosted zone's NS records to the registered domain; otherwise the records in the hosted zone will not resolve.

Step 6: Now create records for your application. This is manual creation.

In my project 3, I have shown this via Terraform.

Step 7: Create your certificate in ACM and choose DNS validation or email validation.

Step 8: Add your registered domain so the certificate is issued for it.

*.devopseasy.link --> any domain name like apps.devopseasy.link

What is AWS Certificate Manager

AWS Certificate Manager (ACM) handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications. You can provide certificates for your integrated AWS services either by issuing them directly with ACM or by importing third-party certificates into the ACM management system. ACM certificates can secure singular domain names, multiple specific domain names, wildcard domains, or combinations of these. ACM wildcard certificates can protect an unlimited number of subdomains. You can also export ACM certificates signed by AWS Private CA for use anywhere in your internal PKI.

ACM Certificate Validation

In order to sign a new certificate, the certificate authority (CA) needs to verify that you own the registered domain. To do this, AWS Certificate Manager supports two different methods for validating a certificate: Email and DNS. What’s the difference?

Email Validation

For email validation, AWS sends an email to the contact emails configured for the registered domain. These emails can be found in Route 53 under the Registered Domain tab.

DNS Validation

For DNS validation, AWS verifies that you own the registered domain by looking up a CNAME record configured in your hosted zone.
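The CNAME that DNS validation looks for is listed per domain name in ACM's DescribeCertificate output. The following is an added example, not part of the original post: it turns that output into a Route 53 change batch, refusing any record that falls outside the hosted zone. The sample response values and the function name validation_change_batch are constructed for illustration.

```python
import json

# Constructed sample shaped like an ACM DescribeCertificate response for a
# certificate covering devopseasy.link and *.devopseasy.link (values made up).
SAMPLE_DESCRIBE = {
    "Certificate": {
        "DomainValidationOptions": [
            {"DomainName": "devopseasy.link", "ValidationMethod": "DNS",
             "ValidationStatus": "PENDING_VALIDATION",
             "ResourceRecord": {"Name": "_abc123.devopseasy.link.", "Type": "CNAME",
                                "Value": "_def456.acm-validations.aws."}},
            {"DomainName": "*.devopseasy.link", "ValidationMethod": "DNS",
             "ValidationStatus": "PENDING_VALIDATION",
             "ResourceRecord": {"Name": "_abc123.devopseasy.link.", "Type": "CNAME",
                                "Value": "_def456.acm-validations.aws."}},
        ]
    }
}


def validation_change_batch(describe_response, zone_name, ttl=300):
    """Build a Route 53 ChangeBatch holding the CNAMEs ACM will look up."""
    zone = zone_name.rstrip(".").lower()
    seen, changes = set(), []
    for opt in describe_response["Certificate"]["DomainValidationOptions"]:
        rec = opt.get("ResourceRecord")
        if opt.get("ValidationMethod") != "DNS" or rec is None:
            continue  # email-validated name, or the record is not available yet
        name = rec["Name"].rstrip(".").lower()
        # Only write CNAMEs that sit inside the hosted zone we control.
        if rec["Type"] != "CNAME" or not name.endswith("." + zone):
            raise ValueError(f"refusing record outside zone {zone}: {rec['Name']}")
        if name in seen:
            continue  # the wildcard and the apex share one validation record
        seen.add(name)
        # UPSERT is idempotent; the record must stay in place for renewals.
        changes.append({"Action": "UPSERT", "ResourceRecordSet": {
            "Name": rec["Name"], "Type": "CNAME", "TTL": ttl,
            "ResourceRecords": [{"Value": rec["Value"]}]}})
    return {"Comment": "ACM DNS validation", "Changes": changes}


if __name__ == "__main__":
    batch = validation_change_batch(SAMPLE_DESCRIBE, "devopseasy.link")
    print(json.dumps(batch, indent=2))
```

The returned dictionary has the shape that Route 53's ChangeResourceRecordSets call accepts as its ChangeBatch.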


Thank you for reading this blog. I hope you found it helpful.

If you need any help, feel free to ping me on LinkedIn:

LinkedIn profile: linkedin.com/in/priyanka-burela