Not able to connect CloudFlare to AWS API Gateway

Question

I am trying to connect CloudFlare to API Gateway

Steps followed are:

Generated certificate in Cloudflare
Imported certificate in certificate manager in AWS
Made Full Strict in Cloudflare
in API gateway, for custom domain, I gave the domain name. Selected edge optimized and selected my certificate I imported. I am getting following error

The certificate that is attached to your distribution was not issued by a trusted Certificate Authority. For more details, see: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-requirements (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidViewerCertificate;

score 0 · Answer 1 · answered Jul 23 '20 at 12:14

0

The mistake I was doing was, I was importing the certificate to the Certificate Manager. I used the .pem encoded string and imported.

What worked for me was instead of importing, I went through the " Request for certificate" process. This can be approved via DNS modification or through email approval(faster way).

The change I observed was, "Request for certificate" is AWS issued and the former is not. Using this I generated Edge optimized custom domain which gave me a cloud front URL. I used this to link with CNAME in my Cloudflare DNS

answered Jul 23 '20 at 12:14

Vinay Prabhu

93
8

I'm trying the DNS validation, any idea on how much time does this takes? – Ritesh Kumar Reddy Kuchukulla Jun 25 '21 at 18:56
@RiteshKumarReddyKuchukulla It will take about 12 to 24 hours – Vinay Prabhu Jul 12 '21 at 02:32

Not able to connect CloudFlare to AWS API Gateway

1 Answers1