Certificate Request is Pending Validation

A certificate request for a cornell.edu domain may be pending for several reasons.

1. You requested that email-validation be used. ACM certificates configured to use email-based validation will never be validated because Cornell does not support email validation for cornell.edu domains. You should delete the certificate and create a new certificate configured for DNS validation.
2. For multi-domain certificates, ACM leaves the certificate in “pending” state until AWS validates all the domains. Ensure that all the DNS records provided by ACM have been created in the Cornell DNS database.
3. ACM doesn’t constantly check for presence of validation DNS records. If the validation DNS records were just created and published, you may have to wait a while for AWS to try validation again.

ACM Certificate Request Timed Out Before Approval

There is a 72-hour window in which DNS validation can be completed for certificate requests. Timeout may occur if you were not able to ensure that the appropriate validation DNS records were created before the 72-hour window expired. If this happens you will need to delete the existing (unvalidated) certificate, and create a new one to restart the validation process.