我有以下 aws 云形成脚本。它应该连接我一直在开发的网络应用程序的一些组件。它似乎陷入了一些证书验证。通过电子邮件验证的 2 个证书刚刚找到。我似乎不知道如何获得 www.congresscritters.org证书进行验证。任何帮助将不胜感激。
AWSTemplateFormatVersion: '2010-09-09'
Resources:
BaseHostedZone:
Type: 'AWS::Route53::HostedZone'
Properties:
Name: congresscritters.org.
WebCert:
Type: 'AWS::CertificateManager::Certificate'
Properties:
DomainName: www.congresscritters.org
ValidationMethod: DNS
DomainValidationOptions:
- DomainName: www.congresscritters.org
HostedZoneId: !Ref BaseHostedZone
SubjectAlternativeNames:
- congresscritters.org
WebDistribution:
Type: 'AWS::CloudFront::Distribution'
Properties:
DistributionConfig:
Aliases:
- www.congresscritters.org
DefaultRootObject: index.html
Origins:
- DomainName: congress-critters-web-ui-bucket.s3.amazonaws.com
Id: S3Origin
S3OriginConfig:
OriginAccessIdentity: ''
DefaultCacheBehavior:
AllowedMethods: ['GET', 'HEAD']
TargetOriginId: S3Origin
ViewerProtocolPolicy: redirect-to-https
Compress: true
ForwardedValues:
QueryString: false
ViewerCertificate:
AcmCertificateArn: !Ref WebCert
SslSupportMethod: sni-only
Enabled: true
HttpVersion: http2
BaseRecordSetGroup:
Type: 'AWS::Route53::RecordSetGroup'
Properties:
HostedZoneId: !Ref BaseHostedZone
RecordSets:
- Name: www.congresscritters.org
Type: A
AliasTarget:
HostedZoneId: !GetAtt WebDistribution.DomainName
DNSName: Z2FDTNDATAQYW2 # Fixed value for CloudFront
Comment: Website domain record
APICert:
Type: 'AWS::CertificateManager::Certificate'
Properties:
DomainName: api.congresscritters.org
ValidationMethod: EMAIL
APIDevCert:
Type: 'AWS::CertificateManager::Certificate'
Properties:
DomainName: api-dev.congresscritters.org
ValidationMethod: EMAIL
APIRecordSet:
Type: 'AWS::Route53::RecordSet'
Properties:
HostedZoneId: !Ref BaseHostedZone
Name: api.congresscritters.org
Type: A
AliasTarget:
DNSName: 7wqzggw1za.execute-api.us-east-1.amazonaws.com
HostedZoneId: Z1UJRXOUMOOFQ8 # Fixed value for API Gateway
Comment: API domain record
APIDevRecordSet:
Type: 'AWS::Route53::RecordSet'
Properties:
HostedZoneId: !Ref BaseHostedZone
Name: api-dev.congresscritters.org
Type: A
AliasTarget:
DNSName: orb9e3jc05.execute-api.us-east-1.amazonaws.com
HostedZoneId: Z1UJRXOUMOOFQ8 # Fixed value for API Gateway
Comment: API dev domain record
我尝试检查 AWS 管理控制台上的各种 Web 控件并阅读那里的文档。
最佳答案
由于您设置了 ValidationMethod: EMAIL
,因此您必须检查与域关联的电子邮件并使用从 AWS 获取的电子邮件验证 SSL 证书。或者,使用 DNS
验证方法。
关于amazon-web-services - AWS 路由 53 不会验证我的 DNS 证书,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/76592803/