Can I use AWS Certificate Manager certificates for API Gateway with Custom Domain Name

43
votes

Can I use a certificate from AWS Certificate Manager to use it with API Gateway and my Custom Domain Name?

How do I get the certificate body, private key and chain out of the certificate from the AWS Certificate Manager?

1
amazon-web-servicesaws-api-gatewayaws-certificate-manager
You can't do this at this time without creating another CloudFront distribution in addition to the one created behind the scenes by API Gateway. - Mark B
@MarkB does that mean there is a workaround using "another CloudFront distribution" as you say? - Christine
Cloudfront workaround appears possible in the docs, but the option is grayed out for me so far ++ See "To use alternate domain names with HTTPS" ++ docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/… - here
A second cloudfront distro in front of API gateway will work as @MarkB suggested. You have to whitelist headers and prevent the Host header from forwarding to API gateway as it uses SNI. - Dave Maple

1 Answers

37
votes

As you saw in the forum post, it's not possible now. ACM integration is something we want to do and it's on our backlog, but I don't have an ETA for you at the moment.

ACM is now integrated with API Gateway!