Custom Domain & SSL Setup Guide

This document provides a detailed guide on setting up custom domains for your Zesty.io instance, covering apex domains, subdomains, A records, CNAME records, and SSL certificate management.

Understanding Domain Concepts

  • Apex Domain (Root Domain):
    • This is the base domain name without any subdomains.
    • Examples include example.com or zesty.io.
  • Subdomain:
    • A subdomain is a part of your domain that precedes the apex domain, separated by a dot.
    • Examples include www.example.com, blog.example.com, or api.zesty.io.
  • A Record (Address Record):
    • An A record maps a domain or subdomain to an IPv4 address.
    • It's used when you need to point your domain directly to a server's IP address.
  • CNAME Record (Canonical Name Record):
    • A CNAME record maps a domain or subdomain to another domain name (a canonical name).
    • It's commonly used to point a subdomain to a service hosted on another domain.

Domain Setup Instructions

To connect your custom domain to your Zesty.io instance, follow these steps:

  • Obtaining Necessary Information from Zesty.io:
    • Refer to the "How to launch an instance" guide.
    • Locate the provided target hostname or IP address in your Zesty.io instance settings. This information is crucial for configuring your DNS records.
  • Configuring DNS Records:
    • Apex Domain (e.g., example.com):
      • Create or set an existing apex record with the following values:
        • Host: @ (or leave blank, depending on your DNS provider)
        • Type: A
        • Value: (Create a separate A record for each of these IP addresses):
          • 151.101.1.161
          • 151.101.65.161
          • 151.101.129.161
          • 151.101.193.161
    • Subdomain (e.g., www.example.com, blog.example.com):
      • Create or set an existing WWW record with the following values:
        • Example:
          • Host: www
          • Type: CNAME
          • Value: zesty.map.fastly.net
    • Non-Apex, Non-Standard Subdomain (e.g., api.v1.example.com):
      • This is handled the same way a standard subdomain is handled.
        • Example:
          • Host: api.v1
          • Type: CNAME
          • Value: zesty.map.fastly.net

SSL Certificate Setup

Zesty.io strongly recommends using HTTPS for secure communication.

  • Automatic SSL (Recommended):
    • Zesty.io may provide automated SSL certificate management through Let's Encrypt or similar services.
    • If so, ensure that your DNS records are correctly configured, as described above. Zesty.io will handle the certificate issuance and renewal.
  • Manual SSL (Customer provided certificate):
    • If you are providing your own SSL certificate:
      • Obtain an SSL certificate from a trusted Certificate Authority (CA).
      • Ensure the certificate covers your domain and any relevant subdomains.
      • Follow Zesty.io's instructions for uploading or configuring your SSL certificate. This typically involves providing the certificate, private key, and any intermediate certificates.

📘

For DNS based validation of your SSL, you may need to add a TXT record to your DNS. Using the ACME DNS challenge is described here.

Zesty.io should provide specific instructions for the required TXT record.

Verification

  • After configuring your DNS records, allow time for DNS propagation (typically a few minutes to 48 hours).
  • Use online DNS lookup tools (e.g., dig command, online DNS checkers) to verify that your DNS records are correctly resolving to the Zesty.io instance.
  • Access your domain in a web browser to confirm that your Zesty.io instance is accessible.
  • Verify that the SSL certificate is valid and correctly installed by viewing the certificate information in your browser.

Usecase

Let's assume you are to configure DNS for blog.example.com:

  • DNS Configuration:
    • Add a CNAME record to your DNS settings:
      • Host: blog
      • Type: CNAME
      • Value: zesty.map.fastly.net
  • SSL Setup:
    • If Zesty.io handles automatic SSL, ensure that blog.example.com is included in the domain names covered by the certificate.
    • If manual SSL is required, obtain a certificate for blog.example.com and follow Zesty.io's instructions for uploading or configuring it.
  • Verification:
    • Use DNS lookup tools to verify that blog.example.com resolves to zesty.map.fastly.net.
    • Access https://blog.example.com in a web browser to confirm the Zesty.io instance is accessible and the SSL certificate is valid.