diff --git a/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts b/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts index d4c776c6c064f..6fad959dc5c4b 100644 --- a/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts +++ b/packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts @@ -83,7 +83,7 @@ export class DnsValidatedCertificate extends cdk.Construct implements ICertifica protected validate(): string[] { const errors: string[] = []; // Ensure the zone name is a parent zone of the certificate domain name - if (!this.domainName.endsWith('.' + this.normalizedZoneName)) { + if (this.domainName !== this.normalizedZoneName && !this.domainName.endsWith('.' + this.normalizedZoneName)) { errors.push(`DNS zone ${this.normalizedZoneName} is not authoritative for certificate domain name ${this.domainName}`); } return errors; diff --git a/packages/@aws-cdk/aws-certificatemanager/test/test.dns-validated-certificate.ts b/packages/@aws-cdk/aws-certificatemanager/test/test.dns-validated-certificate.ts index 7920e0d41b9e9..8d5bbb720f6d4 100644 --- a/packages/@aws-cdk/aws-certificatemanager/test/test.dns-validated-certificate.ts +++ b/packages/@aws-cdk/aws-certificatemanager/test/test.dns-validated-certificate.ts @@ -112,4 +112,31 @@ export = { test.throws(() => expect(stack), /DNS zone hello.com is not authoritative for certificate domain name example.com/); test.done(); }, + + 'test root certificate'(test: Test) { + const stack = new Stack(); + + const exampleDotComZone = new PublicHostedZone(stack, 'ExampleDotCom', { + zoneName: 'example.com' + }); + + new DnsValidatedCertificate(stack, 'Cert', { + domainName: 'example.com', + hostedZone: exampleDotComZone, + }); + + expect(stack).to(haveResource('AWS::CloudFormation::CustomResource', { + ServiceToken: { + 'Fn::GetAtt': [ + 'CertCertificateRequestorFunction98FDF273', + 'Arn' + ] + }, + DomainName: 'example.com', + HostedZoneId: { + Ref: 'ExampleDotCom4D1B83AA' + } + })); + test.done(); + }, };