0

So my boss, said "I don't know, what company you were working for before. But DNS settings doesn't take 24 hours to take effect since when I started this company. "

I'm having a doubt with myself if I'm doing this AWS thing right but

Here's my key words

  1. EC2 Instance
  2. Elastic IP
  3. Load Balancer
  4. Request Certificate to Domain Provider using CNAME Verification
  5. Route 53
  6. DNS A Record
  7. DNS Nameserver

As of now, I tried all of these key words. Since changing nameserver may take few hours to take effect, mostly 24 hours.

and

DNS A record takes 4-8hours before it take effect.

Now I waited almost 1 day just to finish this and it works fine.

I know that changing nameserver may take some time but is there another way on how to implement SSL on my ec2 instance without waiting this too much? Just curious with the aws. Probably some of you will down vote this question. Since I've already done it.. But just wanted to know more deeply if there's possible way of applying ssl on Elastic IP of the instance without using Route 53 or should I say without waiting too much.

Pablo
  • 235
  • 4
  • 10

3 Answers3

1

How long it takes to propagate a DNS record depends on each individual record TTL - Time To Live.

If an A record has a TTL 86400 (seconds = 1 day) and you change it it will take up to 1 day to expire from all caches around the world and start returning the new value. If the TTL is 300 (= 5 min) it will take up to 5 mins.

These days it’s quite common to keep the TTL low. Usually between 300 and 3600 (1 hour). That ensures that the changes propagate relatively quickly.

I suggest you keep the TTL at 300 or even 60 while playing with it and increase it to 3600 once your deployment is stable. Keeping it too low forever adds some overhead that may slow down access to your site so it’s a trade off.

Hope that helps :)

MLu
  • 23,798
  • 5
  • 54
  • 81
  • DNS A record on my dns provider has the option of 4hrs and up to choose for. But in the nameserver there's no option of choosing propagation time. – Pablo May 23 '20 at 00:07
  • @RaeIan NS records must be updated at the registrar, that’s what matters. The ones in your zone should be the same but the TTL there doesn’t matter. – MLu May 23 '20 at 01:07
0

Do you mean add SSL to an elastic IP address? According to this answer, it is possible to add SSL to an IP address but rarely used. And I can say nearly impossible for personal use or a small company.

about DNS propagation read DNS RECORDS ARE NOT PROPAGATED. THEY ARE CACHED.

Muhammad Dyas Yaskur
  • 497
  • 2
  • 19
0

Here is the tip

  1. Lower your TTL
  2. If you think take too long try to use online services for A record dig such as IntoDNS, GSuite toolbox and DNS Checker.
  3. And least but not last try to dig on your local devices.
Aeterno
  • 31
  • 2