2

I got one domain example.com on app engine. All subdomains a.example.com, b.example.com, c.example.com... have to point on example.com.

I'm configuring everything from Cloud DNS of Google Cloud, my configuration is like that:

*.example.com.  CNAME   300 ghs.googlehosted.com.
example.com.    AAAA    300 xxxx:xxxx:xxxx:xx::xx
example.com.    AAAA    300 xxxx:xxxx:xxxx:xx::xx
example.com.    AAAA    300 xxxx:xxxx:xxxx:xx::xx
example.com.    AAAA    300 xxxx:xxxx:xxxx:xx::xx
example.com.    A       300 xxx.xxx.xx.xx
example.com.    A       300 xxx.xxx.xx.xx
example.com.    A       300 xxx.xxx.xx.xx
example.com.    A       300 xxx.xxx.xx.xx

Already tried to do something like

*.example.com.  CNAME   300 example.com.

But not working.

If I use DIG to check my DNS, I got correct answer

;; ANSWER SECTION:
a.example.com.          300     IN      CNAME   ghs.googlehosted.com.
ghs.googlehosted.com.   218     IN      A       xxx.xxx.xxx.xxx

When I go on a.example.com from my browser, i got ERR_CONNECTION_CLOSED

tidpe
  • 201
  • 1
  • 10
  • Are you using Google Managed SSL Certificates? If yes, wildcards are not supported. Edit your question and show your App Engine configuration files. – John Hanley Jan 04 '21 at 23:51
  • Yes, I'm using google managed SSL Certificates. This configuration with app engine already working on another domain, but I'm using a custom SSL certificate and not using Google Cloud DNS. What I've done is basicallly copy/paste DNS configuration. Do you think problem is the Google SSL certificate? In that case, a.example.com over HTTP (not HTTPS), should be reachable or not? Thank you! – tidpe Jan 05 '21 at 09:19

2 Answers2

3

As @John Hanley mentioned, Google Managed SSL Certificate does not support wildcard (*.example.com).

I've just created a new certificate with Letsencrypt and wildcard seems working.

tidpe
  • 201
  • 1
  • 10
1

If you are using a Google Managed SSL Certificates then wild cards will not be supported. You can use wildcards to map subdomains at any level, starting at third-level subdomains.

Kindly refer to the below link for:

Mapping custom Domains : https://cloud.google.com/appengine/docs/standard/python/mapping-custom-domains#wildcards

Securing Custom Domains with SSL : https://cloud.google.com/appengine/docs/flexible/python/securing-custom-domains-with-ssl

Nikhil
  • 88
  • 4
  • Hi @Nikhil Mhaske, welcome to the community! For the sake of completeness, it's often desirable that the answers are self-contained, meaning that instead of just linking to documentation, the important parts should be copied into the answer. – fboaventura May 25 '21 at 20:15