地形错误:添加 LB 侦听器证书时出错:验证错误:无法为 %s 侦听器指定证书

花费超过一天的时间，收到此错误"错误：添加 LB 侦听器证书时出错：验证错误：无法为 %s 侦听器指定证书" 我也尝试导入ACM臂，但同样的问题。有人可以帮忙吗？

data "aws_acm_certificate" "tossl" {
domain   = "*.xyz.com"
types       = ["AMAZON_ISSUED"]
most_recent = true
}

resource "aws_alb" "front_end_ALB" {  
name               = "${local.env_name}-front-end-ec2-alb"
subnets            = module.vpc.public_subnets
load_balancer_type = "application"
security_groups    = [aws_security_group.front-end-ALB-sg.id]
internal           = false
tags = merge(local.common_tags, { Name = "${local.env_name}-front-end-alb" })
}

resource "aws_alb_listener" "front_end_alb_listener" {  
load_balancer_arn = "${aws_alb.front_end_ALB.arn}"  
port              = "${var.alb_listener_port}"  
protocol          = "${var.alb_listener_protocol}"
default_action {
type = "redirect"
redirect {
port        = "443"  
protocol    = "HTTPS"
status_code = "301"
}
}
}

##################################################################################
# Front end Load Balancer Certificate SSL
##################################################################################
resource "aws_lb_listener_certificate" "sslsecure" {
listener_arn    = "${aws_alb_listener.front_end_alb_listener.arn}"
certificate_arn = data.aws_acm_certificate.tossl.arn
}