I'm running my frontend app on a DNS name like example.com and was able to connect the HTTPS certificate to the hosted zone in AWS Route 53. Now when I go to example.com, HTTPS works fine.
The problem I have is when calling the backend.
There's a separate load balancer which runs this backend API and I want to connect it to a subdomain. Because I want a subdomain like my.api.example.com, from this question (https certificate issue with subdomain) I figured out I need a separate certificate. Then I created a new certificate that is different from example.com and *.example.com and added it to the hosted zone, but there it just appears as a CNAME and I can't point it to the API load balancer.
However, I can create an A record inside the hosted zone which points to the API load balancer, but then it's not secure.
My question is how to attach this separate backend API certificate to the subdomain my.api.example.com so that when the frontend running on example.com calls my.api.example.com it doesn't turn to 'Not Secure' in the browser?
Here are the main steps that can help you to revise your current configuration.
Step 1:
Reference: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate-api-cli.html
Step 2: After it is successfully imported, you can validate this certificate with Route53 (or over Email).
Step 3: I assumed that you are using an Application Load Balancer. From the AWS Console, you have to create an HTTPS listener. From here, you can specify the certificate that you imported into AWS ACM earlier.
Reference:
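As an added example (not part of the original question or answer): a small Python check of which hostnames a certificate's names cover, showing why a certificate for example.com and *.example.com does not cover my.api.example.com. It applies the usual rule that a wildcard stands for exactly one leftmost label; the function names and the sample name lists are constructed for illustration.

```python
"""Check which hostnames a certificate's names cover (single-label wildcard rule)."""


def _labels(name):
    # DNS names are case-insensitive; a trailing dot denotes the root.
    return name.strip().rstrip(".").lower().split(".")


def name_matches(pattern, hostname):
    """True if one certificate name (exact or '*.' wildcard) covers hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h):
        # A wildcard stands for exactly one label, so label counts must agree.
        return False
    if p[0] == "*":
        # Only the leftmost label may be a wildcard, and at least two
        # fixed labels must follow it (rejects patterns such as '*.com').
        return len(p) >= 3 and h[0] != "" and p[1:] == h[1:]
    return p == h


def uncovered(hostnames, cert_names):
    """Return the hostnames that none of the certificate names cover."""
    return [h for h in hostnames
            if not any(name_matches(c, h) for c in cert_names)]


# Constructed sample data mirroring the names used in the question.
FRONTEND_CERT = ["example.com", "*.example.com"]
API_CERT = ["my.api.example.com"]
HOSTS = ["example.com", "api.example.com", "my.api.example.com"]

if __name__ == "__main__":
    # The frontend certificate alone leaves the two-level subdomain uncovered.
    print("uncovered by frontend cert:", uncovered(HOSTS, FRONTEND_CERT))
    # With the separate API certificate on the API load balancer's HTTPS
    # listener, every name is covered.
    print("uncovered with API cert:", uncovered(HOSTS, FRONTEND_CERT + API_CERT))
```

The certificate whose names cover my.api.example.com is the one the HTTPS listener on the API load balancer has to present; the A record only directs traffic to that load balancer.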