fix(acm) enabled validation of certificates on the zone name

[McDoit]

As it is now, only certificates with subdomains are correctly validated

Got help from @njlaw to find and correct the issue

First PR like this, I hope it looks ok!

---

Pull Request Checklist

• Testing
  • Unit test added (prefer not to modify an existing test, otherwise, it's probably a breaking change)
  • CLI change?: coordinate update of integration tests with team
  • cdk-init template change?: coordinated update of integration tests with team
• Docs
  • jsdocs: All public APIs documented
  • README: README and/or documentation topic updated
• Title and Description
  • Change type: title prefixed with fix, feat will appear in changelog
  • Title: use lower-case and doesn't end with a period
  • Breaking?: last paragraph: "BREAKING CHANGE: <describe what changed + link for details>"
  • Issues: Indicate issues fixed via: "Fixes #xxx" or "Closes #xxx"
• Sensitive Modules (requires 2 PR approvers)
  • IAM Policy Document (in @aws-cdk/aws-iam)
  • EC2 Security Groups and ACLs (in @aws-cdk/aws-ec2)
  • Grant APIs (only if not based on official documentation with a reference)

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license.

[eladb]

Can you please add a unit test for this?

[McDoit]

@eladb After some trial and error with the TS tests, i added one test for the root domain case

[eladb]

This test doesn't seem to verify the new behavior (we need to verify that there's an error thrown when you synthesize)

[McDoit]

Sorry @eladb but i don't think i follow you, i built the test like the previous ones on this test suite, but i am totally inexperienced with writing TS and TS tests so might have missed something?

[eladb]

You are right, my bad. Looks good.

[eladb]

You are right, my bad. Looks good.