‹ Return to How tos

Add alternate domains and subdomains to your SSL/TLS certificate in Amazon Lightsail

Last updated: November 29, 2017

When you create your SSL/TLS certificate for your Lightsail load balancer, you can add alternate domains and subdomains to it. These alternate names help ensure that all traffic to your load balancer is encrypted.

When you specify a primary domain, you can use a fully qualified domain name such as www.example.com or an apex domain name such as example.com.

The total number of domains and subdomains must not exceed 10, so you can add up to 9 alternate domains and subdomains to your certificate. You might want to add entries similar to the following list.

  • example.com

  • example.net

  • blog.example.com

  • myexamples.com

To create a certificate with alternate domains and subdomains

  1. If you don't have one yet, create a Lightsail load balancer.

  2. On the Lightsail home page, choose the Networking tab.

  3. Choose your Lightsail load balancer to manage it.

  4. Choose Inbound traffic.

  5. Choose Create certificate.

  6. Enter your primary domain (e.g., www.example.com).

  7. Enter a name for your certificate or accept the default.

    Resource names:

    • Must be unique within each AWS Region in your Lightsail account.

    • Must contain 2 to 255 characters.

    • Must start and end with an alphanumeric character or number.

    • Can include alphanumeric characters, numbers, periods, dashes, and underscores.

  8. Enter your domains and subdomains in the list. Choose the plus icon to add a new line.

    Create domains and subdomains for your SSL/TLS certificate
  9. Choose Create.

    Once created, you have 72 hours to verify that you own your domain.

Next steps