Request AWS Certificate

How to request a public certificate from the AWS console.

Request a Public Certificate

  1. Go to the AWS console and select the AWS Certificate Manager service.

  2. Normally, this opens the Certificates page automatically.

    • On the AWS Certificate Manager page, click List certificates in the left menu.

  3. Click the Request button.

  4. Select Request a public certificate (default choice), then click Next.

  5. Request public certificate

    • Domain names

      • Type the domain you want to request the certificate for.

      • Ex. for happenn.com: this requires entering 2 domains, happenn.com and www.happenn.com.

      • Ex. if you want the certificate to work as a wildcard, add happenn.com and *.happenn.com.

    • Select validation method

      • DNS validation (default)

    • Then click the Request button.

example for sictas.org domain
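
The domain-name choices in step 5 come down to which hostnames each name covers: a wildcard such as *.happenn.com stands for exactly one label, so it covers www.happenn.com but not happenn.com itself. The Python sketch below is an added example, not part of the original guide or any AWS tooling; the function names and the list of served hostnames are constructed for illustration.

```python
def name_covers(cert_name: str, hostname: str) -> bool:
    """True if one certificate name covers the hostname.

    A "*" counts as a wildcard only when it is the whole leftmost label, and
    it stands for exactly one label: not the apex, not deeper subdomains.
    """
    cert_labels = cert_name.lower().rstrip(".").split(".")
    host_labels = hostname.lower().rstrip(".").split(".")
    if len(cert_labels) != len(host_labels) or not all(host_labels):
        return False
    if cert_labels[0] == "*":
        return cert_labels[1:] == host_labels[1:]
    return cert_labels == host_labels


def uncovered(cert_names, hostnames):
    """Hostnames that none of the requested certificate names cover."""
    return [h for h in hostnames
            if not any(name_covers(c, h) for c in cert_names)]


# Constructed sample: hostnames assumed to sit behind the load balancer.
SERVED_HOSTS = ["happenn.com", "www.happenn.com",
                "api.happenn.com", "v1.api.happenn.com"]

# Candidate "Domain names" entries for the request form (labels are made up).
REQUESTS = {
    "apex + www": ["happenn.com", "www.happenn.com"],
    "wildcard only": ["*.happenn.com"],
    "apex + wildcard": ["happenn.com", "*.happenn.com"],
}


def report():
    """Map each candidate request to the served hostnames it leaves uncovered."""
    return {label: uncovered(names, SERVED_HOSTS)
            for label, names in REQUESTS.items()}


if __name__ == "__main__":
    for label, missing in report().items():
        print(f"{label:16} not covered: {', '.join(missing) or 'none'}")
```

Any hostname reported as not covered would present a certificate name mismatch to clients if it is served through the same listener.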

Setup DNS for AWS to Validate

List certificates

After requesting the certificate, the requested domain will appear in List certificates. The Status will be Pending validation. To allow the domain to be validated, you can set up the DNS records in Route 53 manually, or you can create them automatically from the certificate page.

Create DNS records in Route 53

  1. Click on the Certificate ID.

  2. You will be on that certificate's page.

  3. In the Domains group, click Create records in Route 53.

    • If the CNAME name and CNAME value are blank, you will need to wait a bit for them to appear before you are able to Create records in Route 53.

    • If you click before those values show up and then click Create records in the step below, nothing will happen.

  4. It will show the domain that needs to be validated (with status Pending validation).

  5. Click Create records.

  6. You should get a Successfully created DNS records message.

    • You can also check in Route 53 that it has those values.

  7. This process can take up to 30 minutes (or more). You can check List certificates for the status to update (also click the refresh button).

Add Certificate to Load Balancer

  1. Go to the AWS console and select the EC2 service.

  2. Select Load Balancing > Load Balancers.

  3. Select the load balancer that you want to assign the certificate to.

  4. Select the Listeners tab.

  5. Select View/edit certificates on the HTTPS : 443 row.

  6. Click the + tab at the top.

  7. Select the certificate(s) you want to add and click Add.

This binds the certificate(s) to the load balancer. You don't need to set up SSL on the server itself, as the load balancer will handle it for you.
