If your ACM certificate is stuck in “Pending validation” even though you’ve set up the correct CNAME records, don’t worry—there are some straightforward steps to fix this.
First, it’s important to know that if validation doesn’t complete within 72 hours, ACM changes the status to “Validation timed out.” Since you’ve already waited more than 96 hours, you’ll need to delete the current request and start fresh.
Next, double-check your DNS setup. Make sure there are no Certification Authority Authorization (CAA) records that could block your certificate from being issued. Also, verify that every domain in your request, like gorillabricc.com and www.gorillabricc.com, has its CNAME validation record correctly in place. It’s also helpful to look for any conflicts in your DNS records—having both NS records and CNAME records for the same domain can cause problems.
Another common issue is nameserver settings. Confirm that your domain is pointing to the correct nameservers, matching what you see in your Route 53 hosted zone. Sometimes, mismatched nameservers can prevent validation from going through successfully. Additionally, make sure you’re requesting the certificate in the correct AWS region, which is typically us-east-1 if you plan to use it with CloudFront.
If everything appears correct but validation isn’t completing, the best move is to delete the pending certificate request and create a new one. Before proceeding, use tools like nslookup or dig to ensure that your DNS records are resolving correctly.
If you still run into issues after creating a new request, reaching out to AWS Support can help you get personalized assistance. Troubleshooting DNS validation can sometimes be tricky, but following these steps usually resolves the problem.
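The checks described above (CAA records, a validation CNAME for every domain, matching nameservers), as an added example that is not part of the original answer: a Python pre-flight that runs over records copied from `dig +short` output. The domain names, validation tokens and nameservers are constructed samples; the Amazon CAA domains are the ones listed in the ACM documentation.

```python
# Added example: offline pre-flight for ACM DNS validation.
# All record values below are constructed samples, not real DNS data.
AMAZON_CAA = {"amazon.com", "amazontrust.com", "awstrust.com", "amazonaws.com"}

def norm(name):
    """Lower-case and drop the trailing dot so DNS names compare equal."""
    return name.strip().lower().rstrip(".")

def caa_allows_amazon(caa_records, wildcard=False):
    """caa_records: lines from `dig +short CAA` for the closest ancestor that has CAA."""
    tags = {"issue": [], "issuewild": []}
    for line in caa_records:
        _flags, tag, value = line.split(None, 2)
        if tag.lower() in tags:
            # Keep only the CA domain; parameters after ';' are ignored here.
            tags[tag.lower()].append(norm(value.strip('"').split(";")[0]))
    # Wildcard names use issuewild when present, otherwise fall back to issue.
    relevant = tags["issuewild"] if wildcard and tags["issuewild"] else tags["issue"]
    # No relevant CAA record means any CA may issue; 'issue ";"' permits none.
    return not relevant or any(v in AMAZON_CAA for v in relevant)

def preflight(expected, observed, caa_records, registrar_ns, zone_ns):
    """Return a list of findings; an empty list means no obvious blocker."""
    findings = []
    if {norm(n) for n in registrar_ns} != {norm(n) for n in zone_ns}:
        findings.append("nameserver mismatch: registrar NS differ from hosted zone NS")
    for domain, (name, target) in expected.items():
        if not caa_allows_amazon(caa_records, wildcard=domain.startswith("*.")):
            findings.append(f"{domain}: CAA records do not authorize an Amazon CA")
        got = observed.get(norm(name))
        if got is None:
            findings.append(f"{domain}: validation CNAME {name} does not resolve")
        elif norm(got) != norm(target):
            findings.append(f"{domain}: CNAME points to {got}, expected {target}")
    return findings

# Constructed sample: name/target pairs as shown in the ACM console.
EXPECTED = {
    "example.com": ("_aaa111.example.com.", "_bbb222.acm-validations.aws."),
    "www.example.com": ("_ccc333.www.example.com.", "_ddd444.acm-validations.aws."),
}
# `dig +short CNAME <name>` results keyed by normalized name; the www record is missing.
OBSERVED = {"_aaa111.example.com": "_bbb222.acm-validations.aws."}
CAA = ['0 issue "letsencrypt.org"']          # blocks Amazon issuance
REGISTRAR_NS = ["ns-1.awsdns-01.org.", "ns-2.awsdns-02.net."]
ZONE_NS = ["ns-1.awsdns-01.org", "NS-2.awsdns-02.net"]

if __name__ == "__main__":
    for finding in preflight(EXPECTED, OBSERVED, CAA, REGISTRAR_NS, ZONE_NS):
        print(finding)
```
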