REMINDER
SOLVED How do I activate SSL on my host site?
-
@team-dawes said in How do I activate SSL on my host site?:
_d561c9638c05688b1795fa9aa1bd438d
issue is you have a CAA dns record on your domain that is preventing AWS ACM to generate the certificate, please add this dns records to allow AWS to generate certificates for your domain:
toolk.it.com. IN CAA 0 issue "amazon.com"
toolk.it.com. IN CAA 0 issuewild "amazon.com" -
@joseph-benguira ,
Thanks for the advice.I added them:
CAA Record toolk.it.com 0 issue "amazon.com"CAA Record toolk.it.com 0 issuewild "amazon.com"
-
I did what you suggested. There's a reply from me waiting in your queue.
I came back to this site and it said it was waiting to post the certificate.
I came back 15 minutes later and got this:You need to add this CNAME in your domain provider to validate the SSL certificate
CNAME Key: _d561c9638c05688b1795fa9aa1bd438d
CNAME value: _3e06a47c5dda9fa14e0778be51a41984.xlfgrmvvlj.acm-validations.aws.which again is already in my CNAME.
-
@team-dawes said in How do I activate SSL on my host site?:
_d561c9638c05688b1795fa9aa1bd438d
I can see the DNS verification is OK
but AWS ACM still return an error when generating your certificate:
"FailureReason":"CAA_ERROR"I've checked if you added the CAA records, and it seems they are not there, you can check it here:
https://dnschecker.org/#CAA/toolk.it.com -
Hey Joseph, I think I have it all set up.
And the site isn't showing at all.
What needs to happen?
-
@team-dawes issue is the CAA record seems not propagated as you can see here:
https://dnschecker.org/#CAA/toolk.it.com -
@joseph-benguira, yes, I get that the CAA record hasn't propagated. I check it every day, a couple of times a day.
What's my next step?
How do I get it to propagate? -
@team-dawes you have to contact your registrar, it should be propagated in few hours, not taking days. Only the registrar can help with that.
Another option is to use cloudflare:
https://support.appdrag.com/doc/Use-CloudFlare-and-Activate-SSL -
@joseph-benguira , if this issue comes down to - who provides SSL for my website
why don't I just use SSL from NameCheap? They give me SSL when I buy a domain.Questions:
- Can I turn on the SSL at Namecheap and use that even though they won't be hosting my website?
- If I do turn on the SSL at NameCheap, can I still use connect to Appdrag?
- If I'm not using SSL from Amazon, then
Do I still need the CNAME record for AWS?
Do I still need the CAA Records?
-
@joseph-benguira ,
OK, toolk.it.com is up and discoverable, I believe.
I'm not sure where the SSL is coming from. I have SSL from Namecheap.
Should I be using that? -
@team-dawes No you can't use SSL from namecheap since they are not doing the hosting process, only alternative is Cloudflare because they offer a free reverse proxy system including SSL termination
or go back to step 1, fix your DNS CAA record
https://dnschecker.org/#CAA/toolk.it.comfor that please ask help to your registrar, or migrate to Cloudflare they will handle your nameservers
-
@joseph-benguira , thanks for your help
I've spent about 2 1/2 hours in chat with Namecheap trying to get this work.
And I'm having no luck. I'm trying to go back to basics and I'm getting this error on appdrag.
-
@joseph-benguira ,
I thought it might simplify matters to transfer my domain to appdrag.
I'm getting this
-
@team-dawes this message happens when domain is already connected to your project, you can't do it twice
-
@team-dawes indeed we do not support your domain extension ".it.com"
-
@joseph-benguira , thanks.
I'm glad to get resolution on this. -
@joseph-benguira - given that appdrag doesn't support .it.com, I'd like to change the domain for this project
From toolk.it.com
To swaysmarts.comHow and where would I do that?
Thanks!
-
@team-dawes what you can do is add the domain in your project, then you can set it as main domain and activate the SSL
If it's a domain you have with another registrar you can follow this guide:
https://support.appdrag.com/doc/Connecting-a-Domain -
@joseph-benguira , thank you.
I successfully added swaysmarts.com
-
@joseph-benguira - how do I now set swaysmarts as the main domain for the project?
I tried
- deleting toolk.it.com
- adding the CName record
CNAME Key: _d561c9638c05688b1795fa9aa1bd438d
CNAME value: _3e06a47c5dda9fa14e0778be51a41984.xlfgrmvvlj.acm-validations.aws.
But that just turned the status button red for swaysmarts
