Hi, I'm Ataias Reis

Programmer, made in Brazil, Alma mater University of Brasilia

Getting an Amazon SSL Certificate when you didn't receive an e-mail

At the time of this writing - September 3rd, 2016 - this website is hosted on AWS and thanks for this post Hosting Hugo on AWS. Nevertheless, I had problems in the process. I found the idea of having an SSL certificate nice and I wanted to try it as the steps were well explained and there were no extra costs when you are using Amazon CloudFront. The problem was I just registered my domain at Registro.br and I had no admin e-mail. The solution is to create an admin e-mail and then actually request the certificate. Note that I am considering in this post you already have a registered domain.

A free solution for creating an admin e-mail is Zoho. Actually, I first tried Google Apps and it worked, but I don't want to spend $5 per month with just my personal website mail that I may not use that much (at least in the beginning when I have no readers). I was afraid of using Zoho as I have never heard of it before and I was expecting something really cheap, with no quality and possibly slow to receive e-mails. I was surprised at least! I had a clean mail box, any e-mail I sent as test arrived at the same moment and it was really nice. Maybe you think ‘All mails arrive instantly’, but one year ago I tried to send from gmail to outlook or from outlook to gmail and it actually took some time for me to see it. Maybe this is resolved by now, but it is good to ensure that e-mail delivery and receiving is fast.

On Registro.br, I had to go to Editar zonas de registro (Edit register zones). I had no idea that this was the place to go. There I could add records with what was needed for mail to work. After having your Zoho account set with an e-mail like `admin@mydomain.com`, you add the MX records so that the DNS provider will give the correct location of your e-mail. The steps are:

  1. Specify the ‘Name’/ ‘Host’ as ‘@’ or leave it ‘Blank’. (For the case of Registro.br, you leave it blank)
  2. For the case of Zoho, you add the following records (see the docs for more info):
Host/ Domain Address/ Mail Server/ MX Entries/ Value Priority
@/ Blank/ Domain name mx.zoho.com. 10
@/ Blank/ Domain name mx2.zoho.com. 20

Once I did that, I could get the amazon ssl certificate using

aws acm request-certificate --domain-name $YOUR_DOMAIN --subject-alternative-names "www.$YOUR_DOMAIN" --idempotency-token "`date +%s`"

as instructed by Joseph at LUSTFORGE. Thanks for reading! Don't be afraid of commenting!

comments powered by Disqus