SSL certificates + nameservers

Hi everyone,

New to this forum and community, happy to be here! Immediately have a question. The Render documentation is pretty straightforward about how to configure DNS :pray: which is great, but I’ve noticed that although all my custom domains are configured, my SSL certificates still aren’t working (and aren’t working for the onrender.com website either).

urls are:
cqlt.onrender.com
cqlt.nl
www.cqlt.nl
*.cqlt.nl

My registrar (hostnet.nl) doesn’t provide ANAME or ALIAS records so I have used the A record option, configured everything as per screenshot:

[NB: the _dmarc.cqlt.nl record was already there, I didn’t create it and I don’t know what it’s for, so I thought better not to touch it. Might be that this is causing the issue]

Question number two: my nameservers still point to the hostnet servers. I’ve tried to Google for the render nameservers but can’t seem to find them. Should I change the nameservers to point to Render? If so, what are the nameservers I should use?

Any help would be appreciated!

Hey there,

Taking your questions in turn.

Question1 - your DNS looks fine. However, accessing cqlt.onrender.com directly returns a 502 error which is probably the root of your problem:

$ curl -I https://cqlt.onrender.com/
HTTP/2 502 
accept-ranges: bytes
date: Thu, 15 Jul 2021 10:12:11 GMT
via: 1.1 varnish
x-served-by: cache-lhr7353-LHR
x-cache: MISS
x-cache-hits: 0
x-timer: S1626343931.962024,VS0,VE149
vary: Accept-Encoding
content-length: 0

a 502 error is a server side error so something won’t be correct in your application so you’d need to be looking at your application logs there to figure out what’s going on.

Question2 - You’ve done exactly the right thing. You simply point your DNS records at the Render provided DNS entries, there’s no need to point at Render DNS servers, nor do they actually provide one in fact.

Hope that helps!

2 Likes

Hi John,

Thanks for that! The 502 is probably because the website currently points to an empty Github repo (I haven’t started working on the actual site yet, but wanted to configure domains first).

If that’s the reason why the SSL certificates aren’t showing up, I’m sure that will sort itself out once I have something to show on the site :slight_smile: