1

I have a web application where users can create individual websites with different subdomains, e.g., subdomain1.mydomain.com subdomain2.mydomain.com

I purchased the domain through GoDaddy, and I have a wildcard A-record set up to my hosting service (i.e., * points to HOSTING_IP).

I'm trying to set up a specific subdomain SECURE with an SSL certificate. I've created a CName on GoDaddy and have pointed that to a specific server on which I set up the SSL, i.e., secure.mydomain.com points at SSL_IP

Currently, secure.mydomain.com is still pointing at HOSTING_IP. Is there anyway to prioritize the CNAME over the ARecord? Has anyone done this on GoDaddy? Or could you recommend a different service I could use to get this set up? Alternatively, is there a better way for me to do this?

Many thanks in advance!

  • Are you sure you have waited long enough after making these changes for any [DNS caches](http://serverfault.com/questions/153690/why-arent-our-dns-records-propagating-out-into-the-internet/153723#153723) to have been cleared? – Zoredache Aug 09 '10 at 22:12

2 Answers2

0

If SSL_IP and HOSTING_IP are two different IP addresses, all you have to do is create the SSL_IP record before the HOSTING_IP record. If godaddy's DNS service doesn't allow you to do this, look at something like everydns.net, which is free and IMO better.

Tony
  • 482
  • 3
  • 3
0

The way wildcard records are supposed to work is a specific entry will override all possible wildcards.

E.g, (taken from RFC 1034):

*.exmaple.com MX 10 a.x.COM
a.x.com       IN A  1.2.3.4
a.x.com       MX 10 a.x.com

The MX record needed to be explicitly stated for a.x.com because "the effect of the wildcard at *.X.COM is inhibited in the A.X.COM subtree by the explicit data for A.X.COM. Note also that the explicit MX data at...A.X.COM is required".

Now, you've explained your situation with prose rather than merely and clearly listing your setup. In particular: "I've created a CName on GoDaddy and have pointed that to a specific server on which I set up the SSL, i.e., secure.mydomain.com points at SSL_IP" doesn't make any sense. CNAME RRs point to names, not IPs.

The correct configuration is:

*.example.com      IN A 1.2.3.4 ; HOSTING_IP
secure.example.com IN A 2.3.4.5 ; SSL_IP

No CNAMEs are used. This should work.

Edit: Also, order when choosing wildcards over specific RRs does not matter. The wildcard could come first and the specific RR will still be chosen.

Mark Wagner
  • 17,764
  • 2
  • 30
  • 47