Azure App Service : Can't Add custom domain - azure-web-app-service

After I registered a DNS Zone, I tried to validate my domain to add a custom domain, but it still doesn't work. I got an error in the last line with the content "To verify domain ownership create TXT and A records with your DNS provider using the configuration below".
The DNS I have registered is ftq-test.biz
I also added 2 records as follows:
A : host: @, TTL: 3600, Value : my IP
TXT : host: asuid, TTL:3600, Value: Custom Domain Verification ID.
What step am I missing?
Please help me.

For the DNS Zone to work for your domain, you need to make sure your domain uses the Azure DNS as its Nameservers. Normally, this is configured at the domain registrar like GoDaddy or Namecheap.
To check if the domain is set up correctly, you can do an NS Lookup. The result should show Azure as the nameservers for your domain:
Checking the nameservers for your domain name, it looks like nameservers weren't set up yet.
EDIT:
Seems like you haven't even registered that domain yet. You will need to first register (buy) the domain, then configure it to use Azure DNS as its nameservers and only then you can connect it as a custom domain name to your Azure App Service.

This is my checklist that I use for setting up an azure hosted app service with one of my godaddy domains:
Example assuming appservice is called myAppService and your desired sub-domain at front of url is mySubDomain
1. Go to azure portal. Navigate to the appservice.
2. click on 'Custom domains' blade
3. grey + symbol is actually a button, 'Add custom domain'
4. type in full url e.g. mySubdomain.mydomain.co.uk Validate.
5. Copy the Custom Domain Verification ID should be like A5A80F074A83A677E103B749F31237B08B630D5D1B0D79040E410FCDF802BAF8
6. godaddy.com. login. top right, choose yourname then 'My Products'
7. mydomain.co.uk click DNS on the right
8. Add. TXT.
   1. Name = asuid.mySubdomain (the subdomain)
   2. Value = A5A80F074A83A677E103B749F37507B08B630D5D1B0D72050E410FCDF801AAF8
   3. TTL = 1 hour
   4. Add record.
9. Add. CNAME.
   1. Name = the subdomain you wish to use e.g. mySubdomain
   2. Value = the azuresites url e.g. myAppService.azurewebsites.net
   3. TTL 1 hour
   4. Add record
10. Go back to azure and Validate again; it should work.
11. Add custom domain
12. It should appear within Custom Domains blade but with SSL state Not Secure
13. Click Add Binding under the SSL Binding column
14. The panel that appears on the right is buggy it often says you have no certificates but if you click custom domain to 'Choose domain' then back again, your certificate appears
15. Choose certificate (not the expired one)
16. TLS / SSL type is 'SNI SSL'
17. Add Binding
18. Should now show up as secure
19. Click the slider that says HTTPS only to true
20. You are done.
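
The records that the answers above depend on (nameservers for the zone, the asuid TXT record, and the A or CNAME record) can be checked before pressing Validate. The following is an added example, not part of the original answers; example.com, the verification ID and every record in it are constructed placeholders, and the function names are hypothetical.

```python
# Added example: offline pre-check of the DNS records the answers above rely on.
# Every name, ID and record here is a constructed placeholder.

def norm(name):
    """Lower-case a DNS name and drop surrounding space and the trailing dot."""
    return name.strip().rstrip(".").lower()

def check_custom_domain(records, hostname, zone, verification_id, app_host):
    """Return the problems that would stop 'Validate' from succeeding.

    records maps (name, type) to the values public DNS returns, with names
    already lower-cased and without a trailing dot.
    """
    def get(name, rtype):
        # TXT answers are usually shown quoted; compare the bare string.
        return [v.strip().strip('"') for v in records.get((norm(name), rtype), [])]

    hostname, zone = norm(hostname), norm(zone)
    problems = []

    # No NS answer: the domain is unregistered or its delegation is missing.
    if not get(zone, "NS"):
        problems.append(f"no NS records for {zone}")

    # Ownership proof: asuid.<hostname> must carry the exact verification ID.
    txt_name = f"asuid.{hostname}"
    txt = get(txt_name, "TXT")
    if not txt:
        problems.append(f"missing TXT {txt_name}")
    elif verification_id not in txt:
        problems.append(f"TXT {txt_name} does not match the verification ID")

    # Routing: A record at the zone apex, CNAME to the app for a subdomain.
    if hostname == zone:
        if not get(hostname, "A"):
            problems.append(f"missing A record for {hostname}")
    elif norm(app_host) not in [norm(v) for v in get(hostname, "CNAME")]:
        problems.append(f"CNAME {hostname} does not point to {app_host}")
    return problems

VERIFICATION_ID = "0123ABCD" * 8                      # constructed 64-character ID
SNAPSHOT = {                                          # constructed DNS answers
    ("example.com", "NS"): ["ns1.registrar.example."],
    ("asuid.mysubdomain.example.com", "TXT"): ['"' + "0123ABCD" * 7 + '0123ABCE"'],
    ("mysubdomain.example.com", "CNAME"): ["myAppService.azurewebsites.net."],
}

if __name__ == "__main__":
    for p in check_custom_domain(SNAPSHOT, "mySubdomain.example.com", "example.com",
                                 VERIFICATION_ID, "myAppService.azurewebsites.net"):
        print("FAIL:", p)
```

The constructed snapshot contains a TXT value that differs from the portal ID in its last character, so the check reports a mismatch for asuid.mysubdomain.example.com.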

Related

CNAME Entry in Google Domain

there is an obligatory CNAME entry for one of my Google domains.
It reads:
_domainconnect.[mydomain].de CNAME 6 hours connect.domains.google.com.
What is this CNAME entry used for? As far as I have understood DNS this should not be necessary to find the actual server IP.
It is indeed not necessary for IP lookup. I suppose maybe Google itself uses it for something. I've found this https://community.cloudflare.com/t/domainconnect-in-dns-record-is-it-needed/185059 but no actual explanation of what it is.
I noticed this entry in one of my domains I have in CloudFlare that is registered via Google Domains, I also have another domain purchased there with a DNS zone on CF that does not have it. I'd say it's safe to get rid of the record — Google's dashboard never complained about it and DNS itself certainly does not need it.
It is more protocol than anything, and is not used to find your server's IP.
There is an open Web standard called Domain Connect that Google adheres to. Within Domain Connect's specifications (at this link at the time of writing) there is a section called DNS Provider Discovery that gives a full explanation of the spec Google is trying to fulfill by having that CNAME record.
To summarize what the Domain Connect docs say on this spec:
Every domain name, to meet this spec, needs to provide information on what DNS provider is being used (in your case, Google). It says that that information must be available via a TXT type DNS record with the host name of _domainconnect.<your domain name here>.
However, the docs alternatively allow for a CNAME type DNS record (CNAME is used as an alias record) with host name _domainconnect.<your domain name here> to point to another domain/subdomain that contains this TXT record with the record value the spec asks for. (Google does it the CNAME way with connect.domains.google.com. as the value.)
Whichever way this spec is done, the record value of this final TXT record should be a domain that you can do an HTTP GET request to, with the full URL being in the form of https://<the TXT record value>/v2/<your domain>/settings to get a JSON response that contains information about the DNS provider.
To see this in action:
If I go to a DNS lookup tool site like https://mxtoolbox.com/txtlookup.aspx, I can put the value of the CNAME record, connect.domains.google.com, in the search bar and see the corresponding TXT record, which has a record value of "domainconnect.googleapis.com". (Note: of course, when I use this value in an HTTP GET request in the next step, I'm going to strip off the double quotes.)
I should then be able to do an HTTP GET request to https://domainconnect.googleapis.com/v2/mydomain.de/settings and get a JSON response with information on Google as a DNS provider. I can see the JSON by just entering that URL in a browser URL bar. At the time of writing, assuming mydomain.de was a valid domain with Google Domains as its DNS provider, you should get:
{
  "providerId": "domains.google.com",
  "providerName": "Google Domains",
  "providerDisplayName": "Google Domains",
  "urlSyncUX": "https://domains.google.com/domainconnect",
  "urlAPI": "https://domainconnect.googleapis.com"
}
And that entire journey was so that people/software can see who your DNS provider is, and some basic info about them, all via DNS. Phew...
Be advised that Google isn't the only big DNS provider that adheres to Domain Connect specs.
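
The discovery steps described in the answer above, as an added example that is not part of the original answer: it follows _domainconnect.<domain> through the CNAME to the TXT value and builds the settings URL, using the record values quoted in the answer as offline sample data. The function name is hypothetical, and treating the TXT value as a bare host name is an assumption taken from the answer's description.

```python
# Added example: Domain Connect provider discovery over offline sample records.
import re

# Assumption, following the answer above: the TXT value is a bare host name.
HOSTNAME = re.compile(r"(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")

def discover_settings_url(records, domain, max_hops=5):
    """Resolve _domainconnect.<domain> and return the provider settings URL.

    records maps (name, type) to a list of values, names lower-case without a
    trailing dot. Raises ValueError when discovery cannot complete safely.
    """
    domain = domain.strip().rstrip(".").lower()
    name = f"_domainconnect.{domain}"
    seen = set()
    while len(seen) <= max_hops:
        if name in seen:
            raise ValueError(f"CNAME loop at {name}")
        seen.add(name)
        cname = records.get((name, "CNAME"))
        if cname:  # alias: continue the lookup at the target name
            name = cname[0].strip().rstrip(".").lower()
            continue
        txt = records.get((name, "TXT"))
        if not txt:
            raise ValueError(f"no TXT or CNAME record at {name}")
        host = txt[0].strip().strip('"').lower()  # lookup tools show TXT data quoted
        # DNS data is untrusted input: only a plain host name may go into the URL.
        if not HOSTNAME.fullmatch(host):
            raise ValueError(f"unexpected TXT value at {name}: {host!r}")
        return f"https://{host}/v2/{domain}/settings"
    raise ValueError("too many CNAME hops")

# Sample records: the CNAME and TXT values are the ones quoted in the answer.
PAGE_RECORDS = {
    ("_domainconnect.mydomain.de", "CNAME"): ["connect.domains.google.com."],
    ("connect.domains.google.com", "TXT"): ['"domainconnect.googleapis.com"'],
}

if __name__ == "__main__":
    print(discover_settings_url(PAGE_RECORDS, "mydomain.de"))
```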

Error while Verifying Domain in AAD

I followed Quickstart: Add a custom domain name to Azure Active Directory to verify my custom domain but I am still experiencing difficulties. I own a domain (something like www.example.com; the only difference is that mine is not 'example') purchased at GoDaddy.com.
If I try to verify that domain and specify its name (in AAD portal) as www.example.com then I can successfully complete the verification, but if I use the name example.com (without www) - I am seeing an error saying
Unable to verify domain name. Ensure you have added the record above
at the registrar 'MyDomainNameIsHere.COM', and try again in a little
while.
I employed nslookup to make sure the TXT record was added. I also followed the Troubleshooting section; none of those 3 cases apply to me:
- waited for a few hours
- made sure with nslookup that the DNS record is correct and exists
- there is no existing domain with that name
Why does it work if I prefix it with www and doesn't without it? Do I need to make some changes at GoDaddy?
I need that custom verified domain to add AAD users associated with their emails at my domain, for instance, User1@example.com; User2@example.com and so on. That doesn't work when I verify the www option complaining that example.com is not verified domain but doesn't complain if I try to create a user User1@www.example.com and I cannot do that because there is no corresponding email address.

pointing domain name to blogger

I have purchased a domain name from a local hoster.
When I go to my panel it shows the following things.
Registered Domain
I want my blogger to point here. But I have no idea what to do here. My domain name is bropoint.com. Here's what blogger says.
Blogger Details
Could anyone help me with this? Thank you.
Note
- Depending on your Domain Provider, the process may vary.
In BlogSpot
Head over to Settings > Basics and you will see an option which says Publishing >Blog address > + Setup a 3rd party URL for your blog
After adding the domain name, it will give two CNAME records. Once you have these CNAME details, login to your domain control panel.
If You are Using InMotionHosting
Click the Advanced Zone Editor button in the Domains section.
Click the drop-down menu, and choose the domain you want to edit the DNS for.
Click the drop-down menu under Type, and choose CNAME.
Add the record like this
Similarly add the second CNAME also.
You should be able to see both the CNames then.

Does not succeed verifying my website for SSL

I am trying to set SSL certification through Microsoft Azure.
I purchased SSL certification and basically followed the steps here: https://learn.microsoft.com/en-us/azure/app-service-web/web-sites-purchase-ssl-web-site
However, I'm stuck in the Verify stage for quite a few hours.
I'm trying to verify using my DNS zone file. According to the instructions I get in Azure's wizard:
I added the following Zone record.
But when I hit 'refresh' my website does not verify. Can anyone see the problem?
According to this article, you will find you should add a TXT record as below:
DNS TXT Record Verification:
Using your DNS manager, Create a TXT record on the @ subdomain with value equal to the Domain Verification Token.
Click “Refresh” to update the Certificate status after verification is completed.
So I suggest you could add record as below:
GoDaddy manage DNS as below:
Or you could add txt record as below:
@.<domain> with value <verification-token>
After 5-10 minutes, you could refresh the domain verification, it will work well.

Redirecting mail.example.com to http://mail.google.com/a/example.com

A domain name that we have is using google mail as its backend, but it's not hosted anywhere (no website). How can I, through the registrar interface (I'm using 1&1), redirect ppl who type in http://mail.example.com to http://mail.google.com/a/example.com ?
I can create a subdomain and set its DNS/CNAME, but what do I put where? Also, if I make this change will it affect the existing mail delivery (for which everything is running fine presently)?
It turns out it wasn't that tough... and the instructions are part of Google itself:
Dashboard -> Service settings: Email -> General:Web address -> Change URL
https://www.google.com/a/cpanel/example.com/CustomUrl?s=mail
Changing CNAME record
To use the custom URL mail.example.com, you must change the CNAME record with your domain host.
Sign in to oneandone.
Navigate to your DNS Management page. The location and name of this page will vary by host, but can generally be found in Domain Management or Advanced Settings.
Find the CNAME settings and enter the following as the CNAME value or alias:
mail
Set the CNAME destination to the following address:
ghs.googlehosted.com
Save changes with your domain host and click "I've completed these steps" below.
You cannot redirect to a path (such as /a/example.com) using only DNS. DNS CNAME records can make mail.example.com/foo effectively point to mail.google.com/foo, but something more sophisticated will require HTTP redirects. This means you need someone hosting your web page for this to work.
Sorry.
If your registrar offers an "HTTP Redirect" option, you can use that. Some registrars do. If you use this, they're effectively running a minimal web server for you. Note that this may break SSL when users access your page via https://example.com.
Mail delivery is via MX records, which won't be affected by changes to other types of record (so long as you don't interfere with the DNS records for the domain's mail servers).
