
I have an existing domain, example.de, that should be served via AWS CloudFront, with its SSL certificates provided by ACM. That domain is registered and managed at a third-party registrar.

Setting up CloudFront and ACM for the www.example.de domain was easy enough, but what do I do for the apex record example.de? I cannot go the "canonical route" of either moving the domain to Route53 (because then, e-mail would break) or using ALIAS records (because the registrar does not support them).

What I plan to do for now is get an EC2 micro instance with a fixed Elastic IP, point the apex record to that IP, and have nginx running that redirects all requests to the www domain - but how do I get the ACM SSL certificate on that EC2 instance?

user1933738

1 Answer

Move your domain hosting to Route53. Domain registration can stay where it is. Email will still work, just set up your MX records appropriately.

Your plan to get an EC2 micro instance is feasible - t3a.nano is easily big enough though; I host five WordPress sites on a t3a.nano. You can't put an ACM certificate onto an EC2 instance, so your primary choices are to put an ALB with ACM in front of it (which might share an existing ALB if you have one) or use a third-party certificate. Setting up Nginx / Certbot for Let's Encrypt is fairly straightforward.

Tim
  • Unfortunately, it cannot. The provider does not allow hosting emails without the provider also hosting the DNS records. – user1933738 Feb 10 '22 at 12:31
  • I think you should get yourself a new email provider as that is not a technical limitation, it's an unusually restrictive policy. I've used a number of email providers for my personal email but my personal DNS is CloudFlare. – Tim Feb 10 '22 at 17:19
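
The apex-to-www redirect with a Let's Encrypt certificate discussed in this thread, as an added nginx configuration that is not part of the original question or answer. It assumes the certificate for example.de was obtained with Certbot's webroot method; the webroot directory `/var/www/letsencrypt` is a placeholder.

```nginx
# Added example, not from the original posts.
# Assumes the certificate was issued with:
#   certbot certonly --webroot -w /var/www/letsencrypt -d example.de
# /var/www/letsencrypt is an assumed webroot; the /etc/letsencrypt/live/
# paths are Certbot's default output locations.

server {
    listen 80;
    listen [::]:80;
    server_name example.de;

    # Keep HTTP-01 challenges reachable over plain HTTP so renewals work.
    location /.well-known/acme-challenge/ {
        root /var/www/letsencrypt;
    }

    # Everything else goes straight to the CloudFront-served www host.
    location / {
        return 301 https://www.example.de$request_uri;
    }
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name example.de;

    ssl_certificate     /etc/letsencrypt/live/example.de/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.de/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    # The apex host serves no content of its own; it only redirects.
    return 301 https://www.example.de$request_uri;
}
```

Validate the file with `nginx -t` before reloading, and run renewals with `certbot renew --deploy-hook "systemctl reload nginx"` so nginx picks up the renewed certificate.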