AWS Credential Manager (ACM)¶
This page lists various activites that may be necessary to perform when leveraging Zappa
Request a Certificate¶
ACM provides digital certificates for free but the certificates can only be used with Elasic Load Balancing and Amazon CloudFront.
To use ACM with Zappa, you must create or import the certificate in the US East (N. Virginia) (us-east-1). See AWS documentation for more details.
- Navigate to the ACM Console and click
Request a Certificate
- In 'Add a Domain name' enter
Note that we entered both the 'www' subdomain and the apex of the domain. This allows users to leverage either url and have it covered with a single certificate. More info can be found in the AWS ACM documentation on Requesting a Certificate
!!! Warning Carefully consider which domains shall be covered by this certificate because once it is validated, you cannot modify the list of domains. Any changes will require a new certificate to be issued.
Click on Review and Request
You should see a message similar to the image below:
Notice that ACM's perferred method of domain ownership validate is to send an email to the registered contact address in the WHOIS for the domain. In addtion, a few select email addresses are also included. Full validation rules are posted in ACM Documentation.
Check your email for validation links
You should receive at least one email for each domain you entered. You may actually get multiple email addresses because sometimes registered emails are duplicated for Techincal or Administrative contacts in the WHOIS information. The emails should be similar to:
Click on all the validation links
You must click on the validation link for every domain name included in step 2 above. The digital certificate will not be issued until all domains have been verified.
Record the ARN for the digital certificate
You will use the ARN for other purposes. The ARN is displayed on the verification page but also in the details page for the certificate in the ACM console.