sxmxc24
commented
4 years ago Are you sure the certificate covers the alternate CNAMEs to include www.test.com and test.com
Open darey-io opened 4 years ago
sxmxc24
commented
4 years ago Are you sure the certificate covers the alternate CNAMEs to include www.test.com and test.com
cosminzeev
commented
4 years ago I get the same error and the certificate covers both www and non www
pratikdhody
commented
4 years ago @sxmxc24 @cosminzeev I ran into the same issue.
When creating the certificates, I needed to define the domain name as *.yoururl
duttonw
commented
4 years ago When Associating Domains to Cloudfront and an SSL cert to go with them, you must ensure you have all alt names matching whats on your Cloudfront Alternate Domain Names (CNAMEs). Else it will be rejected. Its one of those policies AWS put in place to stop people associating random domains to their distribution for sub-domain take over see https://github.com/EdOverflow/can-i-take-over-xyz/issues/29#issuecomment-482481052 why this is the case and also why you can't have no ssl on random domain name with cloudfront any more.
I keep getting this error each time it reaches the Cloudfront resource creation stage.
Embedded stack arn:aws:cloudformation:eu-west-1:4891:stack/Wordpress-cloudfront-BWS8W/6a02b0-1ce6-11ea-9d0b-02 was not successfully created: The following resource(s) failed to create: [CloudFrontDistributionSslCertificate].
I ensured the Certificate in ACM is created in the N.Virginia region and it has been validated against my domain with an "Issued" status
Could i be doing something wrong? Anyone came across this?