Cannot validate domain ownership of AWS Certificate Manager


I tried creating a public certificate on AWS Certificate Manager and I chose "Validate domain ownership". AWS generated the following CNAME configuration.

Domain Name   *
Record Name
Record Type   CNAME
Record Value

So I have created a CNAME record with the following items on Cloudflare:

Type "CNAME"
Name field
Domain Name field

Finally, I tried to execute the dig command, but it does not show anything and the ACM status is still pending. Does anyone have any idea?

Thanks in advance.


I have already tried to run the following command, but I got nothing:

$ dig cname +short


Make sure it is not proxied but set to grey.


Thank you for your quick response. I changed the status to ‘DNS only.’ Does it take a long time to enable?

And I would appreciate it if you could tell me the reason why I should use the “DNS only” status.


It can take a few minutes. If you proxy it, Amazon will never get the actual CNAME value but the proxied address, and hence will not be able to validate it.
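The check described in this thread, as an added example that is not part of the original posts: a shell function that reads `dig +noall +answer` output and reports whether the validation name answers with the expected CNAME or with address records, which is what a proxied record returns according to the reply above. The record name, target and IP addresses are constructed placeholders, and the function name is hypothetical.

```shell
#!/bin/sh
# classify_acm_answer NAME EXPECTED_TARGET   (hypothetical helper)
# Reads the answer section produced by `dig +noall +answer NAME` on stdin
# and prints one of:
#   ok        CNAME present and pointing at the value ACM generated
#   mismatch  CNAME present but pointing somewhere else
#   proxied   only A/AAAA records returned for the name (no CNAME visible)
#   missing   no answer at all for the name
classify_acm_answer() {
    awk -v name="$1" -v want="$2" '
        # Compare names case-insensitively and without the trailing dot.
        function norm(s) { s = tolower(s); sub(/\.$/, "", s); return s }
        BEGIN { name = norm(name); want = norm(want); state = "missing" }
        # Answer line layout: owner TTL class type rdata
        NF >= 5 && norm($1) == name {
            if ($4 == "CNAME") {
                state = (norm($5) == want) ? "ok" : "mismatch"
                cname_seen = 1
            } else if (($4 == "A" || $4 == "AAAA") && !cname_seen) {
                state = "proxied"
            }
        }
        END { print state }
    '
}

# Constructed sample values (placeholders, not real records).
NAME='_abc123.example.com.'
TARGET='_def456.acm-validations.aws.'

# Constructed answer as seen with the record set to "DNS only".
sample_dns_only='_abc123.example.com. 300 IN CNAME _def456.acm-validations.aws.'

# Constructed answer as seen with the record proxied: addresses, no CNAME.
sample_proxied='_abc123.example.com. 300 IN A 192.0.2.10
_abc123.example.com. 300 IN A 192.0.2.11'

printf '%s\n' "$sample_dns_only" | classify_acm_answer "$NAME" "$TARGET"
printf '%s\n' "$sample_proxied"  | classify_acm_answer "$NAME" "$TARGET"

# Against live DNS, feed it the real answer section instead:
#   dig +noall +answer "$NAME" | classify_acm_answer "$NAME" "$TARGET"
```

A result of `proxied` or `missing` matches a certificate that stays in the pending state; `ok` means the CNAME is visible to resolvers the way ACM needs to see it.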

