How can I resolve DNS resolution or certificate mismatch errors for my API Gateway custom domain name?
Last updated: 2022-09-16
I configured a custom domain name for my Amazon API Gateway API. I am unable to connect to the domain name and receive DNS resolution or certificate mismatch errors. How can I resolve this?
Before creating a custom domain name for your API, you must do one of the following:
Request an SSL/TLS certificate from AWS Certificate Manager (ACM).
Import an SSL/TLS certificate into ACM.
For more information, see Getting certificates ready in AWS Certificate Manager.
To connect to a custom domain name for API Gateway APIs, you must configure Amazon Route 53 to route traffic to an API Gateway endpoint.
- When configuring Route 53, you must create either a public hosted zone or a private hosted zone. For internet-facing applications with resources that you want to make available to users, choose a public hosted zone. For more information, see Working with hosted zones.
- Route 53 uses records to determine where traffic is routed for your domain. Alias records provide easier DNS queries to AWS resources, while CNAME (non-alias) records can redirect DNS queries outside of AWS resources. For more information, see Choosing between alias and non-alias records.
For more information and instructions, see How do I define a custom domain name for my API Gateway API?