-1

I am currently in the process of migrating my app from Heroku to AWS ECS. I am at the stage where I want to establish a secure connection by enabling https for my app. From what I understand, I need a certificate, which I can obtain using the AWS ACM.

I tried to generate a certificate by providing the currently active production domain name used on my app hosted on Heroku. I purchased this domain name from OVH.

However, the response from AWS was very delayed, and I ultimately found out that my certificate request had failed.

Can you assist me ?

Thank you.

Steven
  • 1

1 Answers1

0

Firstly, we cannot directly attach a certificate issued from AWS ACM to AWS ECS, one way would be to use AWS ALB in front of the AWS ECS. The AWS ACM-issued certificate can then be attached to AWS ALB.

Secondly, for AWS ACM to issue a certificate the domain needs to be publicly resolvable (resolvable on the internet) and we will have to add a CNAME record to prove the domain ownership (DNS Validation). If these conditions are met, the certificate will be issued by AWS-ACM.

Rajas Gujarathi
  • 716
  • 1
  • 9
  • 20
  • Thank you for your response. Yes, I expressed myself poorly and I understood the first point you mentioned. For the second point, where should I add the CNAME record to prove domain ownership ? Is it on Route 53 ? – Steven Jul 07 '23 at 09:55
  • You will have to add the CNAME record where you have the domain hosted. Are you using Route 53 for hosting the domain? – Rajas Gujarathi Jul 07 '23 at 10:03
  • The domain name is hosted on OVH, and I'm not using Route 53. If I understand correctly, I need to add the CNAME record that I see in the certificate details on OVH for AWS to validate my certificate ? – Steven Jul 07 '23 at 10:12
  • Yes, you are correct. – Rajas Gujarathi Jul 07 '23 at 10:34