Setting up a custom domain

Questions / Help
1

Hi, everyone.

I have an issue where https://domain.com works but https://www.domain.com doesn’t. For context, I followed the How to Do Custom Domains With Fly tutorial and started by adding A and AAAA records as instructed:

A @ [v4 address]
AAAA @ [v6 address]

Was I right to use @ as the host here? Then, I created a domain.com certificate for my-app. Here’s what I did (with placeholder names):

➜  (main) flyctl certs create -a my-app domain.com
Your certificate for domain.com is being issued. Status is Awaiting certificates. Make sure to create another certificate for www.domain.com when the current certificate is issued.

Looks good and after a few minutes I could access https://domain.com but not www.domain.com. Then, as was suggested, I created a certificate for www.domain.com by doing the following:

➜  (main) flyctl certs create -a my-app www.domain.com
You are creating a certificate for www.domain.com
We are using Let's Encrypt for this certificate.

You can configure your DNS for www.domain.com by:

1: Adding an CNAME record to your DNS service which reads:

    CNAME www. my-app.fly.dev

So, I went to hover and added the new CNAME record. Up to now, I’ve added A and AAAA records as well as the CNAME mentioned above.

That tutorial goes on to suggest using flyctl certs show -a my-app to watch your certificates being issued but that command doesn’t work (error below) so I guess the API has changed since it was written. I look in my dashboard and see both certificates but the www.domain.com is showing as not verified. I did this on Saturday initially and figured I should wait at least a day for DNS propagation but now, on Monday, it’s still not working. Any thoughts?

Here’s the output from the flyctl certs show -a my-app command. I’ve tried running it with app name and then flags, as it suggests, but that doesn’t work.

➜  (main) flyctl certs show -a my-app
Error: accepts 1 arg(s), received 0
Usage:
  flyctl certs show <hostname> [flags]

What does work, however, is flyctl certs show domain.com so maybe the documentation needs updating here as it’s a little confusing.

What am I missing here? It doesn’t seem like a DNS propagation issue.

Thanks in advance! :slight_smile:

1 Like
2

Update:

I was in the Certificates section of my dashboard, looking at the domain.com certificate (the verified one) and noticed it showing the recommended A and AAAA records using @ as their host, just as I’d done. That’s one question cleared up, I guess.

In the www.domain.com certificate, however, despite it showing it as not being verified, it now suggested adding A and AAAA records (with the same v4 and v6 addresses) but this time with www as host. That is, for me to now have 2 x A and 2 x AAAA records. When adding these certificates on the command line, I didn’t tell me to do this; it just said to create that CNAME record.

Anyway, I added these and within a couple of minutes I could access https://www.domain.com as well as https://www.domain.com. Great. The www certificate still shows as not verified in my dashboard but I guess that’ll change soon.

In general, it seems like that tutorial may need updating. In the end, is my setup correct? I have now added the following records:

A @ [v4 address]
AAAA @ [v6 address]

A www [v4 address]
AAAA www [v6 address]

CNAME www. my-app.fly.dev
1 Like
3

The docs and help text do need some love. It’s a few things down our priority list, but it’ll happen.

You only need A/AAAA records for the apex domain.com because CNAME records aren’t allowed there. For subdomains a CNAME works just fine.

4

Hi, @michael. Thanks for the reply.

At the time of writing this, the only way I was able to see www.domain.com was to add the second set of A/AAAA records for www, as shown in my last comment.

Based on what you’ve said, what would you change about my setup? It’s exactly as shown in the last comment, i.e. 2 x A/AAAA for @ and 2 x A/AAAA for www. This is working but if there’s a better setup, I’d like to know as I’m relatively new to this and would like to learn best practices here. Thank you!

1 Like
5

I did the same thing as you. I also had to create certs for www.myDomain.com. I already had certs for myDomain.com