So I now have a site with a custom domain set up on Netlify. My custom domain is registered with HostPapa, and I have this domain working under www.upminsterbaptists.co.uk and upminsterbaptists.co.uk pointing to my new Netlify site
I thought that adding a MX record here would work, pointing my subdomain to the Netlify subdomain would work, but sadly didnāt even after a couple of days, so Iāve deleted it.
Hi! Iām happily using Netlify, and Iām on the Netlify DNS (i think) with the custom domain option (www.blacktoad.pub).
But, Iām hosting a database on a different server (88.119.171.174), and Iāve installed a REST api on that, accessible via HTTP. (To be exact, PostgreSQL+PostgREST). I now need to add SSL, and in order to do so, I need a hostname.
Thus, Iād like to have a subdomain, api.blacktoad.pub point to that server. But Iām getting so confused by all the DNS options. Do I have to set this up at Netlify? Or perhaps at Porkbun, where I got my domain?
Any help is greatly appreciated!
Netlify site name:
pedantic-goldwasser-502553.netlify.app
hey @Kit_Zeller, i moved your post over here, as you are actually asking some similar questions as @martin.m.riley is. I think we can all figure this out together. Could you start by reading the post I linked above for some background info?
Thanks both for your comments - Iāve managed to work it out (much easier than I imagined).
All I had to do was add an additional DNS Record to my account and point it at my new git build. Iāve added an additional screenshot to show the difference between my original post.
Hi Perry, yes the MX record is for email being handled on HostPapa (e.g. example@upminsterbaptists.co.uk). Everything else is working as expected, I just needed to create and add a subdomain to an additional git build under upminsterbaptists.co.uk.
Been a while since I set this all up, never really planned on adding a subdomain, thus Iām a bit hazy on some of the things I did months ago.
But anyway, letās break the challenge down into smaller bits and factoids:
Iām 99% sure Iām already using Netlify DNS, as in my domain settings tab, thereās a label saying āNetlify DNSā. Also, Porkbun reports Iām using dns1.p08.nsone .net to dns4.p08.nsone .net, which I believe are Netlify nameservers.
Netlify DNS tab reports:
api.blacktoad.pub3600 IN NETLIFYpedantic-goldwasser-502553.netlify.app
blacktoad.pub3600 IN NETLIFYpedantic-goldwasser-502553.netlify com
www.blacktoad.pub3600 IN NETLIFYpedantic-goldwasser-502553.netlify com
The api subdomain is the one I freshly created.
Netlify HTTPS tab reports:
Your site has HTTPS enabled
Certificate:
Letās Encrypt
Domains
*.blacktoad.pub, blacktoad.pub
Furthermore, Porkbun reports:
TYPE
HOST
ANSWER
TTL
PRIORITY
MAGIC
OPTIONS
ALIAS
blacktoad.pub
pedantic-goldwasser-502553.netlify .com
300
CNAME
autodiscover.blacktoad.pub
webmail.porkbun .com
300
CNAME
*.blacktoad.pub
pixie.porkbun .com
300
MX
blacktoad.pub
fwd1.porkbun .com
300
10
MX
blacktoad.pub
fwd2.porkbun .com
300
20
SRV
_autodiscover._tcp.blacktoad .pub
10 443 webmail.porkbun .com
300
10
TXT
blacktoad.pub
v=spf1 mx ~all
300
But it also says:
āYour domain is not currently using our default name servers and this functionality requires it. Would you like us to update your domain to use our name servers?ā
Now, what I need is
That api.blacktoad.pub points to a non-netlify server.
That api.blacktoad.pub supports SSL.
A hypothesis I have is that I have to plug in the api subdomain at Porkbun, having it point at the non-netlify server. But is that going to work when the DNS is handled by Netlify?
How do you point a subdomain to a server outside of Netlify?
How do you get SSL working for that server?
For the first question, the answer is that you will create an A or CNAME record with Netlify DNS that points that subdomain to the other server.
A records point to IP addresses. CNAME records point to other domain names. Which to use depends on the other server and how it is configured. The other hosting company should have documentation about the DNS records required.
Once you know the records to create, add them to the Netlify DNS zone.
In other words, you need to tell us what DNS records are needed. We donāt know. Once you tell us what is needed, we can help get the DNS records working at Netlify. The API hosting company should be able to tell you what records are needed.
For the second question, the answer is that you will need to get an SSL certificate on your own. Netlify does not provide SSL certificates for domains not hosted at Netlify. While www.blacktoad.pub and blacktoad.pub are hosted at Netlify, the server for api.blacktoad.pub wonāt be.
For that subdomain api.blacktoad.pub you must acquire your own SSL certificate. The SSL certificates provisioned at Netlify cannot be exported from our service.
The two primary solutions that I know of for a third-party SSL certificates are:
purchase an SSL certificate certificate authority
use Letās Encryptās certbot tool to provision the SSL certificate manually on that server (if you can access a shell on the API server)
If there are other questions, @Kit_Zeller, please let us know.
@martin.m.riley, you seem to be all squared away. Is that correct? If there are any unresolved issues, please reply anytime and weāll keep working on this.
Wow, that was surprisingly easy and painless! Recap, all I had to do is add an A-record to the Netlify DNS settings, pointing to my IP. On the other server I had to run Certbot, but that was also a breeze.
The only snag was that I had already created a subdomain on Netlify called api, which, after deleting it wasnāt removed from the Netlify DNS and couldnāt be edited, so I had to use a different subdomain name. Maybe @luke or @perry could look into that, seems might this might be a bug on Netlify side.
We have more information about the NETLIFY and NETLIFYv6 type DNS records here:
Please read that support guide above for an in-depth explanation of how these records behave with our service. The three key points there are summarized as:
These records are locked by default and can be unlocked by our support team.
These records only connect domain names to IP addresses.
These records do not control which site the domain name is linked to (if any).
You can delete any of those records now. This only affects existing records. If other records cannot be deleted in the future, please let us know and weāll unlock those as well.
EDIT:
I also want to thank you for taking the time to let us know that you used certbot and how you configured the DNS to make that successful.
While we appreciate the follow-up it will be particularly helpful for other people searching this community site. Seeing the solution that worked for someone can help other people with similar issues and Iām sure those finding this answer in their searches will appreciate it even more than we do. (This answer of using certbot doesnāt just apply to Netlify DNS either. It works with any DNS service and virtual servers with shell access.)
