Delegate Subdomain to Azure via CNAME - azure

the company I’m working for provided me a subdomain. test.mycomp.com . I want to add it to my azure web app via custom domain.
The azure system recommends a CNAME delegation and provided me the information to enter web-zeudz-staging.azurewebsites.net in the dns management as CNAME.
After doing so and verifiying via DNS Lookup, Azure always gives me „Domain Ownership Error“. What can I do to make this work?

Is your DNS provider also a CDN provider, for example cloudflare? If so, turn off the CDN/proxy function so it's a DNS only record and try again.

If you don't have any control over the CDN function you can use txt record validation.
Create your TXT record awverify.subdomain.test.mycomp.com with value web-zeudz-staging.azurewebsites.net and validate again. It should succeed.
There's also a CNAME awverify method but you need CDN disabled for that too.
I find it strange that your company doesn't have the option to enable/disabled CDN for any given DNS entry though.

Related

Azure CDN connect custom domain

I have static website on azure storage, it's connected to azure cdn to have https, and i have my custom domain folla.com.pl I want this domain to point to https://companywebsitecdn.azureedge.net/ which is address of my website on azure cdn. I chose custom domain on cdn configuration site, it asks me to make dns mapping to verify ownership, so i make CNAME cdnverify.folla.com.pl to cdnveriy.companywebsitecdn.azureedge.net and it get me to other window with custom doamin https config. And here's my problem, it get's stuck on second step
How I'm suppouse to configure another mapping to make it work, what i mean is to make folla.com.pl to point to https://companywebsitecdn.azureedge.net/ with https. I can't proivde what i already tried with my dns because it was a lot and i don't remember all of it. Also it's already second try and everytime after failure I have wait 8 hours for another try. Thanks in advance
This is my DNS config
When you try to add your custom domain folla.com.pl in the custom domains settings of Azure CDN endpoint. Before this step, you should have a CNAME record in the following format in the DNS zone.
When you turn on the custom domain https, you don't need to make a CNAME cdnverify.folla.com.pl to cdnveriy.companywebsitecdn.azureedge.net. Read here.
If that CNAME record still exists and does not contain the cdnverify
subdomain, the DigiCert CA uses it to automatically validate ownership
of your custom domain.
If the CNAME record entry contains the cdnverify subdomain, follow the rest of the instructions in this step.
DigiCert sends a verification email to the following email addresses. Verify that you can approve directly from one of the following addresses and read here.
admin#<your-domain-name.com>
administrator#<your-domain-name.com>
webmaster#<your-domain-name.com>
hostmaster#<your-domain-name.com>
postmaster#<your-domain-name.com>
Automatic validation typically takes a few hours. If you don’t see your domain validated in 24 hours, open a support ticket.

Unable to access CDN endpoint via custom subdomain

my team and I are currently exploring using Azure static site blobs and CDN endpoints to host several web apps.
We have successfully deployed our static files to the blog storage and our entire test app loads on both the primary (name.abc.web.core.windows.net) and CDN (name.azureedge.net) endpoints. When it comes to mapping a custom subdomain via the “cdnverify” temporary step, however, I am unsuccessful.
I have very carefully followed and quintuple-checked all steps in the support doc "Tutorial: Add a custom domain to your Azure CDN endpoint" (here).
This is my current DNS config (via Namecheap).
When I skip the cdnverify step, e.g. assign the azureedge CNAME value directly to a host called “v2”, and add that as a custom domain in my Azure portal CDN blade, the subdomain begins loading the CDN endpoint and can even have a CDN-managed HTTPS cert deployed with no manual verification. A dig command to this host (v2.ourdomain.org) finds an expected response (view here).
Here's the rub, though. If I assign a CNAME host of “cdnverify.static” to “cdnverify.name.azureedge.net.” and add it as a custom domain in the portal’s CDN blade, however, this secondary subdomain never loads our endpoint, and cannot deploy an HTTPS cert. The Azure portal verified this host when added to the endpoint and a dig command to “cdnverify.static.ourdomain.org” shows this answer, which looks good.
A dig command to “static.ourdomain.org” returns no answer and a ping command says “unknown host”. This is expected since I’ve not created such a record yet, and so I am wondering how we’re meant to ensure this subdomain is verified as per the “Verify the custom domain” section in the above-mentioned doc.
It’s very important for us that the cdnverify host works and can be assigned a certificate before we permanently re-locate our domains as these apps are already in production. At this point, I am at a loss over what to try next. If possible, I’d love to know what step(s) I am missing, or what can further be done to diagnose the issue.
Many thanks to anybody who might have some advice!
The cdnverify subdomain is to create a temporary CNAME mapping to avoid interruption of web traffic. With this method, users can access your domain without interruption while the DNS mapping occurs. If you have not any existing web app work, you can skip the cdnverify step.
From your description, "a dig command to cdnverify.static.ourdomain.org shows this answer, which looks good." It indicates that the cdnverify host works and you have verified that. You just need to associate the custom domain with your CDN endpoint.
In this step, you enter your custom domain like static.ourdomain.org, including the subdomain. Do not use the cdnverify subdomain name.
After you have added the custom domain static.ourdomain.org successfully in the CDN endpoint.
At this point, your custom domain has been verified by Azure, but
traffic to your domain is not yet being routed to your CDN endpoint.
After waiting long enough to allow the custom domain settings to
propagate to the CDN edge nodes (90 minutes for Azure CDN from
Verizon, 1-2 minutes for Azure CDN from Akamai), return to your DNS
registrar's web site and create another CNAME record that maps your
subdomain to your CDN endpoint. For example, specify the subdomain as
www or cdn, and the hostname as .azureedge.net. With
this step, the registration of your custom domain is complete.
After you have completed the registration of your custom domain, verify that custom domain references your CDN endpoint.
Finally, you could freely remove the cdnverify CNAME record in your domain provider as it was necessary only as an intermediary step..
Ref: https://github.com/uglide/azure-content/blob/master/articles/cdn/cdn-map-content-to-custom-domain.md#how-to-map-custom-domain-to-content-delivery-network-cdn-endpoint

Azure DNS CNAME records

I am trying to configure Auth0 custom domains with my azure web application. It is asking for a CNAME Record to be set.
I set this up in azure with a provided dns name, and set up the values as such:
but the verify button still does not work. i heard you may need to wait a few days for it to settle, but i waited all weekend with no luck. i saw in this post i may want to remove the NS and SOA types?
Wildcard and Naked CNAME records in Azure DNS
how can i verify this domain
As far as I know, you can not use the domain *.cloudapp.azure.com as the custom domain for your Auth0 as it is owned by Azure. You need to purchase a domain from the domain provider like Godaddy to configure your custom domain. Then you could validate that domain ownership.
You can't use Azure DNS to buy a domain name. Azure DNS is a hosting service for DNS domains that provides name resolution by using Microsoft Azure infrastructure. It's not necessary. You can selectly host your domain in Azure DNS.
For more references:
https://auth0.com/docs/custom-domains/auth0-managed-certificates#provide-your-domain-name-to-auth0

Adding Custom Domain to Azure CDN Endpoint Caused Downtime to CDN

When we tried to add a custom domain to our current Azure CDN endpoint, the CDN was down while it was trying to verify and issue an SSL certificate for the custom domain. I cancelled the process and everything came back after a few minutes.
I know that in the instructions it states to map the custom domain to the temporary cdnverify subdomain,https://learn.microsoft.com/en-us/azure/cdn/cdn-map-content-to-custom-domain#map-the-temporary-cdnverify-subdomain, but I think this is only if the URL we are using for the custom domain is in use. Is this correct?
Is there any way to avoid this downtime or should this not happen?
but I think this is only if the URL we are using for the custom domain
is in use. Is this correct?
Correct. The link states that when you map an existing domain that is in production. First map your custom domain to your CDN endpoint hostname with the Azure cdnverify subdomain to create a temporary CNAME mapping. so you can access your custom domain URL without interruption while the DNS mapping occurs.
Is there any way to avoid this downtime or should this not happen?
If you have verified that the cdnverify subdomain has been successfully mapped to your endpoint, you can then map the custom domain directly to your CDN endpoint hostname. After creating CNAME for your custom domain, you can delete the temporary cdnverify subdomain CNAME record. It should avoid this downtime.

Azure WebApps custom domain - CNAME pointed to azurewebsite must exist?

We are trying to migrate sites from AWS to Azure WebApps.
AS IS:
The CNAME of the existing site points to Imperva. Imperva then points to AWS Site.
TO BE:
The CNAME of the existing site points to Imperva. Imperva then points to Azure WebApp Site.
PROBLEM:
When I try to add the custom domain to azure Web Apps website, it complains with the error that the existing Site MUST have CNAME pointing to Azure Website.
see example below:
This means that as part of cutover, we need to do below:
1. Quicky update CNAME to point to azure web app
2. Once custom domain is setup in azure
3. Change the CNAME back to Imperva.
This sounds bit hacky.
Is above right approach or am I missing anything here?
The part that you're missing is the direction of the CNAME. What Azure wants to do is to ensure that you do actually have authority over that domain name. So they want you to create a CNAME that points from awverify.www.example.com to www.example.com
Once that record is created Azure will looking that record and ensure that it redirects to www.example.com. This has no impact on any existing configuration (unless you just happen to have awverify sub domain in uswe already!)
www.example.com will still work in exactly the same way as before until you are ready to move that name to Azure.

Resources