AWS Certificate Manager,无法获取子域的 https
[英]AWS Certificate Manager, cannot get https for subdomain
问题描述
I have a hosted zone with my main domain.
我的主域有一个托管区域。 I already added a Load Balancer and configured it to route to my web app.我已经添加了一个负载均衡器并将其配置为路由到我的 web 应用程序。 This already works with https and http.这已经适用于 https 和 http。 So far so good.到目前为止,一切都很好。
Now I wanted to add a subdomain something like: domain.com (routes to my frontend) api.domain.com (routes to my backend).现在我想添加一个子域,例如: domain.com (路由到我的前端) api.domain.com (路由到我的后端)。 The routing is already working but I cant use https.路由已经在工作,但我不能使用 https。 I tried to get a ssl certificate exactly for this domain (api.domain.com) but this got stuck in pending.我试图为这个域(api.domain.com)获得一个 ssl 证书,但这被卡住了。
I also tried to use a wildcard (*.domain.com).我还尝试使用通配符 (*.domain.com)。 With this I can connection to my service like this: https://api.domain.com , but the webbrowser says the connection is not safe.有了这个,我可以像这样连接到我的服务: https://api.domain.com ,但是网络浏览器说连接不安全。
Route 53 entries: 53 号公路条目:
Certificate manager证书管理器
Shouldn't be the wildcard (*.domain.com) working for my api.不应该是为我的 api 工作的通配符 (*.domain.com)。 Subdomain?子域? And do you know why the first two certificates are stuck in pending?你知道为什么前两个证书被卡在待处理状态吗?
1 个解决方案
解决方案1
2 已采纳 2020-07-03 07:59:37
Certificates are stuck in pending if they're waiting to be approved.如果证书正在等待批准,则它们将处于待处理状态。 The conditions (DNS records or email verification) have not yet been met.尚未满足条件(DNS 记录或 email 验证)。
If the domain is unsafe then the SSL for the domain has either expired, is not from a valid CA or is not included as a valid domain on the generated certificate.如果域不安全,则域的 SSL 要么已过期,要么不是来自有效的 CA,要么没有作为有效域包含在生成的证书中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.