CNAME entry not working on NameCheap using Amazon Certificate Manager
Adding a more complete answer.
Some DNS provider like Namecheap appends the bare domain name to the DNS record. In effect, if you add the full record provided from Amazon Certificate Manager like so (replace example.com
with your domain):
_cff0cda88701846cbe7a34cd737378e2.example.com
What you'll end up with is
_cff0cda88701846cbe7a34cd737378e2.example.com.example.com
To check if this is the case, after you have added the DNS record, run this command (on Unix)
dig +short _cff0cda88701846cbe7a34cd737378e2.example.com.example.com
If it returns the CNAME record, you have to omit the domain name from your DNS record so you won't get a duplicate domain name in there. Then run
dig +short _cff0cda88701846cbe7a34cd737378e2.example.com
You should get the corresponding CNAME record from it. The validation can take up to 48 hours.
Even though AWS includes it, do not include the domain name itself in the CNAME Host field for Namecheap (they apparently append it for you); just chop that off at the end. The value field is fine.
Give it half an hour.
In the CNAME record enter - _cff0cda88701846cbe7a34cd737378e2
as the host field and - _490287b8f448e2cca3862ebb4a51591.acm-validations.aws
in the value field.
Once done wait for at least 1 hour for the changes to reflect.
If anyone is looking for NameCheap DNS record validation for AWS CloudFront ssl validation then please refer screenshot below. This NameCheap DNS record validation worked for me as of Jul 2019