AWS ACM and Cloudflare 🌐

Cloudflare DNS + AWS ACM Certificate Validation 🧩

After creating an ACM Certificate in AWS it needs to be validated. One method of validating is via DNS. AWS ACM provides a CNAME name and CNAME value to validate via DNS. You then need to make a DNS record with your DNS provider to verify you own the domain and validate the certificate.

Confusion Sets In 🍭

I was unsure as to how and where to create the record; TXT, CERT, CNAME lolz. Eventually it became apparent that AWS was providing CNAME data so the record needs to be a CNAME. When you know you know 🤷‍♂️.

The other caveat is that the record needs to be set to DNS only (not proxied) in Cloudflare, so the CNAME is published as-is and AWS can resolve it.

Cloudflare CNAME Record fields

So, in Cloudflare DNS settings set:

  • Type: CNAME
  • Name: CNAME name, not literally CNAME name but the name provided by AWS ACM
  • Target: CNAME value, not literally CNAME value but the value provided by AWS ACM

For some reason when you copy the name and value from the AWS console it includes a trailing . (dot). I had to remove them in Cloudflare when creating the record.

Phew. 😅

After saving the new record you need to wait a few minutes for AWS to validate the certificate. You can check the status on the AWS ACM console.
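The steps above can be scripted. This is an added example, not code from the original post: it takes output shaped like `aws acm describe-certificate`, builds the DNS-only CNAME record body for Cloudflare with the trailing dots removed, and compares a resolved CNAME against the expected target. The sample data is constructed, the function names are hypothetical, and the record fields (`type`, `name`, `content`, `proxied`, `ttl`) assume the Cloudflare DNS records API.

```python
import json

# Constructed sample shaped like `aws acm describe-certificate` output;
# the record names and values are placeholders, not real validation tokens.
SAMPLE = json.loads("""
{"Certificate": {"DomainValidationOptions": [
  {"DomainName": "example.com", "ValidationMethod": "DNS",
   "ResourceRecord": {"Name": "_aaaa1111.example.com.", "Type": "CNAME",
                      "Value": "_bbbb2222.xyz.acm-validations.aws."}},
  {"DomainName": "*.example.com", "ValidationMethod": "DNS",
   "ResourceRecord": {"Name": "_aaaa1111.example.com.", "Type": "CNAME",
                      "Value": "_bbbb2222.xyz.acm-validations.aws."}},
  {"DomainName": "pending.example.com", "ValidationMethod": "DNS"}
]}}
""")

def normalize(host):
    """Lower-case and drop the trailing root dot so names compare equal."""
    return host.strip().rstrip(".").lower()

def cloudflare_records(describe_output):
    """Turn ACM validation options into Cloudflare DNS record bodies."""
    records, seen = [], set()
    for opt in describe_output["Certificate"]["DomainValidationOptions"]:
        rr = opt.get("ResourceRecord")  # may be absent shortly after the request
        if not rr:
            continue
        if rr["Type"] != "CNAME":
            raise ValueError(f"unexpected record type {rr['Type']}")
        name, target = normalize(rr["Name"]), normalize(rr["Value"])
        # Refuse anything that does not point into ACM's validation zone.
        if not target.endswith(".acm-validations.aws"):
            raise ValueError(f"unexpected target {target}")
        if (name, target) in seen:  # apex and wildcard share one record
            continue
        seen.add((name, target))
        # proxied False is "DNS only"; ttl 1 means automatic in Cloudflare.
        records.append({"type": "CNAME", "name": name, "content": target,
                        "proxied": False, "ttl": 1})
    return records

def is_validated_by(resolved_cname, record):
    """Compare a CNAME answer (e.g. from dig) with the expected target."""
    return normalize(resolved_cname) == record["content"]

if __name__ == "__main__":
    print(json.dumps(cloudflare_records(SAMPLE), indent=2))
```

If a lookup of the record name returns something other than the ACM target, the record is most likely still proxied or was created with the wrong name.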

Conclusion 🎬

Once you know you know. 🤓 Now we can have Cloudflare and AWS playing nicely together. 🌐

Thanks for reading.
