Troubleshooting certificate validation - AWS Certificate Manager

Troubleshooting certificate validation

If the ACM certificate request status is Pending validation, the request is waiting for action from you. If you chose email validation when you made the request, you or an authorized representative must respond to the validation email messages. These messages were sent to the registered WHOIS contact addresses and other common email addresses for the requested domain. For more information, see Email validation. If you chose DNS validation, you must write the CNAME record that ACM created for you to your DNS database. For more information, see DNS validation.


You must validate that you own or control every domain name that you included in your certificate request. If you chose email validation, you will receive validation email messages for each domain. If you do not, then see Not receiving validation email. If you chose DNS validation, you must create one CNAME record for each domain.


Public ACM certificates can be installed on Amazon EC2 instances that are connected to a Nitro Enclave, but not to other Amazon EC2 instances. For information about setting up a standalone web server on an Amazon EC2 instance not connected to a Nitro Enclave, see Tutorial: Install a LAMP web server on Amazon Linux 2 or Tutorial: Install a LAMP web server with the Amazon Linux AMI.

We recommend that you use DNS validation rather than email validation.

Consult the following topics if you experience validation problems.