Which solution will meet these requirements?
Use a local machine to create a certificate that is signed by the third-party CImport the certificate into AWS Certificate Manager (ACM). Create an HTTP API in Amazon API Gateway with a custom domain. Configure the custom domain to use the certificate.
Create a certificate in AWS Certificate Manager (ACM) that is signed by the third-party CA. Create an HTTP API in Amazon API Gateway with a custom domain. Configure the custom domain to use the certificate.
Use AWS Certificate Manager (ACM) to create a certificate that is signed by the third-party CA. Import the certificate into AWS Certificate Manager (ACM). Create an AWS Lambda function with a Lambda function URL. Configure the Lambda function URL to use the certificate.
Create a certificate in AWS Certificate Manager (ACM) that is signed by the third-party CA. Create an AWS Lambda function with a Lambda function URL. Configure the Lambda function URL to use the certificate.
Explanations:
This option satisfies all requirements: using a third-party CA to sign the certificate, importing the certificate into ACM, and configuring API Gateway with TLSv1.3 on a custom domain using this certificate.
ACM does not allow you to directly create certificates signed by third-party CAs. Certificates must either be issued by AWS or imported if signed by a third-party CA.
Lambda function URLs do not currently support custom certificates, so the third-party CA-signed certificate cannot be applied to a Lambda function URL.
Lambda function URLs do not support custom certificates. Therefore, configuring a custom certificate with a third-party CA would not be feasible with this setup.
I strategize that the answer is:
Use a local machine to create a certificate that is signed by the third-party CImport the certificate into AWS Certificate Manager (ACM). Create an HTTP API in Amazon API Gateway with a custom domain. Configure the custom domain to use the certificate.