My app IP address returns server hangup. The custom url works well https://coming-soon.fly.dev/. I pointed the app to my custom domain using A and AAA record. The custom domain is also returning Server hangup
Hi,
Have you requested a certificate for your custom domain, and if so, has that been issued?
Only if you simply add an A/AAAA record pointing e.g your-domain.com at 1.2.3.4, that IP is (likely) shared with other apps. Fly would not know which app to route an incoming request for your-domain.com or 1.2.3.4 to. Perhaps that is why it’s failing.
The certificate tells Fly which custom domain belongs to which app, so it can correctly route it. See this part for more:
1 Like
I have requested for certificate. How do I check if it has been issued?
Thanks.
1 Like
Hi,
If using the CLI fly certs show your-domain.com should show its status.
If your DNS records are correct it should be almost instant.
Hi folks,
The reason trying to access the server by IP address results in a server hangup, has nothing to do with the certificate itself.
You cannot access an https URL by IP address, and this is mostly by design.
The name of the server you’re accessing must be known early in the handshake so the client and server can validate the server’s name and identity, one of the core features of TLS/SSL. So if you’re hitting a raw IP address, the host name is not known, and the receiving server will just close the connection as seen here.
You can replicate this with curl:
$ curl https://66.241.125.72
curl: (35) error:0A000126:SSL routines::unexpected eof while reading
Connecting to an https URL should always use a hostname for the above reason.
Here’s a more detailed explanation.
Note that accessing this particular site with http will also not work:
$ curl http://66.241.125.72
curl: (56) Recv failure: Connection reset by peer
this is related but not the same cause: you’re using a shared IP address, which means the same IP serves many different apps. As per above, when using the IP address directly, the server can’t identify the host you’re trying to connect to (there are many in the same IP address?) and so the connection gets closed.
If using http and not https is sufficient for you, you can get access-by-ip working over plain http by assigning a dedicated IP address (note this has an additional monthly cost). I advise NOT doing this unless you have a very specific need to access your service by IP and none of the other techniques works.
Why do you need to access by IP, out of curiosity?
- Daniel
1 Like
This works now. Fixed
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.