TechQA.

ACM Certificate with Wildcard does not Work for the Newly Created Subdomain

2.7k views Asked by At

My recent infrastructure had the following setup:

  • A domain on Route53 as example.com.
  • Several subdomains e.g. blog.example.com, dev.example.com etc.
  • A certificate on ACM with *.example.com as its entry.

Everything worked as expected, until I was required to add another domain, e.g. abc.dev.example.com. SSL doesn't work on this newly created subdomain.

My previous experience suggests creating a new certificate for this new subdomain, it has worked for me earlier as well. But it doesn't seem to be a best practice. Can I refresh/update my current certificate to accommodate the new subdomain?

amazon-web-services ssl amazon-route53 aws-certificate-manager aws-acm
Original Q&A
1

There are 1 answers

2
Marcin On BEST ANSWER

This is because wildcard SSL cert can only support one subdomain level. From docs:

When you request a wild card certificate, the asterisk (*) must be in the leftmost position of the domain name and can protect only one subdomain level. For example, *.example.com can protect login.example.com, and test.example.com, but it cannot protect test.login.example.com.

So in your case you need new certificate for *.dev.example.com.

Related Questions in AMAZON-WEB-SERVICES

Related Questions in SSL

Related Questions in AMAZON-ROUTE53

Related Questions in AWS-CERTIFICATE-MANAGER

Related Questions in AWS-ACM

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions