Certificates managed by ACM should be validated
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
All Secure Socket Layer/Transport Layer Security (SSL/TLS) certificates in Amazon Certificate Manager (ACM) should be validated.
Rationale
Requests for ACM certificates time out if they are not validated within 72 hours. ACM provides managed renewal for your Amazon-issued SSL/TLS certificates that are used with other AWS resources.
ACM either renews your certificates automatically (if you are using DNS validation), or it sends you email notices when expiration is approaching. These services are provided for both public and private ACM certificates. However, renewal for other certificates must be done manually. If a certificate is not validated, it can interrupt an application or service.
From the console
Follow the Setting Up DNS Validation or Resending Validation Email docs to validate a certificate in the AWS Console or by email.
From the command line
Run resend-validation-email
using the ARN of the invalid certificate with your domain
and validation-domain
.
aws acm resend-validation-email
--certificate-arn arn:aws:acm:us-east-1:1234567890:certificate/a1b2345c-d678-9123-4567-89ab12c2345d
--domain www.example.com
--validation-domain example.com
Click the link in the generated email to navigate to the Amazon Certificates Approvals page, and click the I Approve
button.