How to solve SSL Certificate not showing in AWS CloudFront

Most likely you already have an SSL Certificate in AWS Certificate Manager (ACM). Then when you go to configure it in CloudFront you cannot select the radio button that says Custom SSL Certificate (example.com) or your SSL Certificate does not show in the options.

The reason for this is that your SSL Certificate should be in the N. Virginia Region (us-east-1).

If you look closely on the words below the selection it says You can use a certificate stored in AWS Certificate Manager (ACM) in the US East (N. Virginia) Region, or you use a certificate stored in IAM.

This is also stated in the AWS CloudFront Documentation regarding the use of Alternate Domain Names and HTTPS.

Request or upload your SSL Certificate in AWS Certificate Manager in N. Virginia Region (us-east-1) and your SSL Certificate should show on the selection.

With this you can now use HTTPS to access your services when you are working with CloudFront.

Creating a Public SSL/TLS Certificate in AWS Certificate Manager

If you plan to make the communication of your site visitors to be secure by using HTTPS then you need to use Public SSL/TLS Certificate. You can do this by requesting for a Public Certificate via AWS Certificate Manager (ACM).

Below are the advantages of using Public SSL/TLS Certificate provided by AWS Certificate Manager.

  • No charges = Free.
  • Auto renew – No need to worry on expiring SSL/TLS Certificate. ACM Automatically does this for you.
  • Easy integration with Amazon Web Services (AWS) products such as CloudFront, Elastic Load Balancer, API Gateway and many more.

Check the step-by-step guide on how you can request a Public SSL/TLS Certificate for HTTPS access of your website/domain.

Requesting for a Public SSL/TLS Certificate

Login to AWS Console and head to AWS Certificate Manager.

Note: AWS Certificate Manager is a regional service, therefore make sure to be in the correct AWS Region. If you are new to AWS just select N. Virginia (us-east-1) as it is one of the cheapest regions.

On the AWS Certificate Manager page, click on <strong>Get started</strong>.

On the next screen, make sure to select the Request a public certificate, then click on Request a certificate.

Under Add domain names. Enter the following.

*.[Your Domain]
Example:
*.chargedneutron.com
The * represents a wildcard. This will allow you to use the SSL Certificate to any subdomains that you want like www.domain.com, images.domain.com, sites.domain.com, mobile.domain.com
[Your Domain]
Example:
chargedneutron.com
Apex Domain or Naked Domain Name. Your domain name without subdomains. Use this if you do not want to use www in front of your website.

Then click on Next.

Select DNS Validation, then click on <strong>Review</strong>.

Continue reading Creating a Public SSL/TLS Certificate in AWS Certificate Manager