SSL issue with External DNS in GoDaddy

tiaanayurvedic · December 8, 2020, 7:54am

Netlify site name: https://sharp-mccarthy-6bdce8.netlify.app
Custom domain: https://tiaanstore.com

My Domain is registered with GoDaddy, and my DNS server is also in GoDaddy.

I don’t want to use Netlify DNS currently. I followed the steps for configuring external DNS with Netlify and added the A record for Netlify Load balancer in GoDaddy DNS.

However, the SSL certificate is not working in Netlify. It is failing to provision SSL certificate.

My question is -
Can Netlify automatically provision Lets Encrypt SSL Certificate for my site, if I use external DNS , or do I have to migrate to Netlify DNS for using automatic SSL certificate.

gregraven · December 5, 2020, 12:05am

@tiaanayurvedic Welcome to the Netlify community.

Have you tried setting the CNAME for your www subdomain to your Netlify subdomain, as recommended by the docs?

tiaanayurvedic · December 5, 2020, 12:16am

@gregraven Hi, I am trying to setup my site using the Apex domain option mentioned in the doc. I am able to use this site in Firebase in same way, and I am trying to migrate the site to Netlify now. When attempting to setup Apex domain to point to my Netlify site, I have setup the A record for tiaanstore.com to point to Netlify Load Balancer 104.198.14.52.

gregraven · December 5, 2020, 12:32am

If you don’t use the recommended settings, you may get unexpected results, and it makes it more difficult for others to help you.

tiaanayurvedic · December 7, 2020, 6:39am

@gregraven I waited for some time and the certificate got created by Netlify. I did not use CNAME, as that is for subname. Thank your for responding.

I wanted to follow the Apex domain approach mentioned in documentation, using A name record for Netlify Load Balancer. I was following the documentation link you sent, and it worked with the Apex domain method.

luke · December 7, 2020, 6:39am

Hi, @tiaanayurvedic. You have made the apex domain the primary custom domain for the site. This means all global traffic for this site is going to San Francisco and your site does not use our CDN nodes around the world.

If you want to use the external DNS method, please do not make the apex domain primary (which is how this is configured currently). We strong recommend that you change this and make the www subdomain the primary custom domain for the site.

tiaanayurvedic · December 7, 2020, 6:41am

Hi @luke
Thank you very much for the clear explanation. I do want to use the apex domain https://tiaanstore.com as my primary website as that is an existing advertised domain for the company.

If I migrate to Netlify DNS, can I get benefit of CDN and also preserve my apex domain ?

luke · December 8, 2020, 7:54am

Hi, @tiaanayurvedic. Yes, if you use Netlify DNS the full CDN is used even for the apex domain.

If you are considering moving an existing DNS zone to Netlify DNS, please read these two support guides first:

It might seem that both support guides are about the same topic. However, they each cover something slightly different. The first is about reducing TTL (time to live) values to make changes happen more quickly. The second is about copying all the existing DNS records before activating DNS at Netlify.

If there are other questions, please let us know.