Domain verification using Registrobr and Heroku

Asked

Viewed 1,127 times

3

I am setting up my domain DNS in Registrobr using Pointdns (as a Heroku add-on).

Setup was done following this article: https://medium.com/trainingcenter/dom%C3%ADnio-registrobr-pointdns-heroku-f4e9ea435b04

Everything worked and my application is running. The problem is that when I try to add Automated Certificate Management (ACM). I can’t add the domains myapp.com.br.herokudns.com and www.myapp.com.br.herokudns.com (provided on Dashboard) in the Registrobr and therefore these fail when Heroku tries to verify.

I currently use the addresses provided by Pointdns (similar to what is shown in the Medium article).

What addresses should I use? I have to do some other setting in Registrobr?

  • also would like to know more about how to set up.br record for heorku with pointdns... someone know this?

2 answers

-1

One possibility that also solves is to use the Naked Domain redirect (http://wwwizer.com/naked-domain-redirect), rerouting http://domain for http://www.domain and point www.dominio as CNAME for Heroku. With this you can use the DNS of the same Registry.br.

But Pointdns is a great service and more flexible than the free DNS (included) of Registro.br, so long as the level of use you need is free it is worth using.

-1

It took me a long time to understand how I solved this, and as I did, I feel that putting my answer here could help a lot of people. Here I will try to be as complete as possible by taking a step by step, but the direct answer to the question is in Step 4.

Step 0: I need Pointdns?

Depends, but look... in the present day most likely the answer will be yes. You can use the DNS server itself that the.br registry provides, but it has no support for Records type ANAME/ALIAS, Heroku requires this for root domains. This means that although you can use www (ex.: https://www.meu-dominio.com), cannot use root for your domain (eg.: https://meu-dominio.com). Currently many people no longer type the www at the beginning and, although some modern browsers put the prefix automatically, you run the risk of your visitor typing and not being able to access your site. Because of this the DNS service of the.br registry, despite being good, does not meet all needs.

Step 1: enabling the Pointdns add-on

To properly configure ACM along with Pointdns you need to add this add-on to at least one of your apps. Note that, not necessarily you need to set up Pointdns for the app it’s connected to and can direct subdomains to other apps. As a personal experience, I have the add-on in my production app and also use it to configure the staging.

To configure:

  • Through the UI: Enter the tab Resources; on the part of add-ons, search for Pointdns in the search field and select the result that has the plan Developer.
  • By CLI: type the command: heroku addons:create pointdns:developer.

This plan is free and allows 10 Records with 10,000 monthly redirects (more than enough for a personal project).

Step 2: adding a domain to Heroku

If you haven’t already done this before, this yes you need to add in the app you will use in Heroku. To add, use:

  • Through the UI: Enter the tab Settings; on the part of Domains, click on Add Domain. Enter your domain and click next. Copy the target DNS that will appear, you will need it after.
  • By CLI: type the command: heroku domains:add www.example-domain.com. Then type the command heroku domains and copy the target DNS that will appear, you will need it after.

Obs. 1: DNS target will be something in the format papagaio-brasileiro-13fqwefrr4r.herokudns.com or something similar that ends in .herokudns.com

Obs. 2: Remember that meu-dominio.com and www.meu-dominio.com are 2 Records and, if you want to cover both user spellings, you will need to register both.

Step 3: modifying the nameservers of the.br record

If you haven’t done it yet, no problem, let’s do it now.

Before logging into your.br registration account, see list of Nameservers in the Pointdns app (you will need to be logged in) and choose the 3 that have the best location (at the time of writing they recommend 3). Add these 3 chosen ones to the list of Records like NS.

Now logging into your.br registry account:

  1. Click on the domain from the list you want to edit.
  2. In the DNS section, click Alterar Servidores DNS.
  3. Place 1 master and 2 Slaves with the 3 nameservers you chose on Pointdns.
  4. Save everything and, important, wait for at least 2 hours for these changes to spread.

Step 4: Adding DNS targets in Pointdns (valid for any other DNS service)

If you’ve been using Pointdns and you’ve been through steps 1 and 2, probably when accessing the interface you will already see some Records automatically written. Although they are valid to access the site, they will not work with ACM (Automatic Certificate Manager). For this you should use the DNS targets I said I would need on step 2.

  1. To access the Pointdns Dashboard, go to the Heroku UI in the tab Resources and click on add-on pointdns.
  2. In the Pointdns Dashboard, click the pencil to edit the record and add the respective DNS target in the field target/date, replacing whatever is there.
  3. You can add new Records for other apps if you want to use another subdomain of the same domain. To do this click Add record, select the correct type, place the subdomain and the respective DNS target in the field target/date.
  4. Once all modifications are made, allow at least 2 hours for these changes to spread.

Obs: For mastery root (that is, without the www. at the front, only meu-dominio.com) you need obligatorily type ALIAS when setting up the record. DO NOT USE CNAME TYPE FOR ROOT DOMAINS. For all the others Records subdomain (www, staging, etc), use the type CNAME.

Step 5: Ufa... over!

Only wait for at least 2 hours for these changes to spread. It looks like a beast, but I made a lot of mistakes in that part. When the changes are complete, ACM will automatically validate SSL certificates and you won’t have to worry about that anymore.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.