[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

[AWS] How to perform ACM DNS authentication using IDCF cloud DNS

Hello.
This is Miyazaki from the SS Team, Operations Management Division.

This time, I will write about using AWS ACM (AWS Certificate Manager) DNS authentication
using the IDCF cloud DNS service instead of Route53.

 

background

Personally, I wanted to install a certificate in AWS's ELB using a domain managed by the IDCF cloud DNS service in order to verify that WordPress is HTTPS
, so I decided to use ACM.

I usually use Route53 for DNS authentication, so just by clicking the button, DNS authentication will be completed and a certificate will be issued before you know it.
However, this time, since the domain was managed by IDCF Cloud's DNS service, it was necessary to perform DNS authentication using IDCF Cloud's DNS service.

 

Actual steps and some points I stumbled upon

1. Request a certificate on ACM

2. Select Request Public Certificate

3. Enter the domain name of the certificate you want to create

4. Select Verify DNS

5. Check that each item is correct and select "Confirm and Request"

6. Check the validation status.
It's now "Pending Verification".
Use the "name" and "value" in the red frame for DNS authentication.

Now let's move on to the DNS side settings
7. Select record registration from IDCF's DNS service

8. Enter record information

① "Type" Select CNAME
② "Record Name" Enter the "Name" item confirmed in step 6.
Note that the last . is already included. For example, are there consecutive .'s like _XXXXXX..domain name?
③ "Value" Enter the "Value" item confirmed in step 6.
IDCF Cloud does not allow you to enter an _ (underscore) at the beginning of the value.
If you refer to AWS's official guide, it says that you can register without underscores as a workaround if underscores are prohibited.
Troubleshooting DNS validation issues

If your DNS provider prohibits CNAME values ​​starting with an underscore, remove the underscore from the value provided by ACM and verify your domain. For example, you can change the CNAME value _x2.acm-validations.aws to x2.acm-validations.aws for validation purposes.

Also, as mentioned in the note under "Value", the trailing dot is unnecessary, so delete it.

Based on all of the above, it will now look like the image below, so let's register it.

After about 5 minutes, I was able to confirm that I was authenticated on AWS.

These are the steps.

Conclusion

The steps introduced this time are not limited to IDCF DNS, but I think the above steps will be helpful for DNS where _ (underscore) cannot be used in the "value".
It's not a big deal, but when I first tried it, I didn't really understand where I was stumbling.

I would be happy if I could be of some help.

If you found this article helpful , please give it a like!
1
Loading...
1 vote, average: 1.00 / 11
2,087
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

The person who wrote this article

About the author

Kenta Miyazaki

I joined Beyond in 2017 as a new graduate.

We provide 24-hour, 365-day operation, maintenance, and monitoring services for servers and clouds used by companies that primarily provide web-based services.
I belong to the System Solutions Department, and my job is to improve Beyond's operations so that our customers can focus on their business.

Certifications: AWS Certified Solutions Architect, GCP Professional Cloud Architect, Linuc1