​AWS API Gateway is a great service to create your own API. To create a custom domain for your API you need SSL and go through a series of steps. If you're a Cloudflare user you can set up your custom domain in minutes.


  1. In your AWS management console go to the API Gateway service and select "Custom Domain Names" from the left menu.
  2. Click the create button.
  3. Log into Cloudflare, select your domain and open the "Crypto" tab
  4. Go to "Origin Certificates" and click "Create Certificate"
  5. Let Cloudflare generate a private key and a CSR and choose RSA as the private key type
  6. Make sure that the hostname for your custom API domain is covered. E.g. api.mydomain.com. You can specifically configure this custom domain or use a wildcard such as *.mydomain.com as is configured by default.
  7. Pick PEM as the key format which is selected by default
  8. Copy the Certificate body from your Cloudflare certificate to Certificate body to the configuration of the custom domain in the AWS Management Console.
  9. Copy the Private key to the Certificate private key field in the console
  10. In the certificate chain copy the Cloudflare Origin CA - RSA Root which can be found here: https://support.cloudflare.com/hc/en-us/articles/218689638-What-are-the-root-certificate-authorities-CAs-used-with-CloudFlare-Origin-CA-
  11. Enter your custom domain name in the AWS console and a name for your certificate
  12. Now the custom domain name will be created in AWS Cloudfront. It can take up to an hour before the domai becomes active.
  13. The next thing you need to do is set up the Mappings of the custom domain in the AWS Console.
  14. The final step is to create a new CNAME record in CloudFlare to link your domain to the Cloudfront url. When you open the settings page of your custom domain in the AWS console copy the Distribution domain name. This is the domain you need to use when creating the new CNAME record.