Question
In app platform a custom domain was configured but no HTTPS certificate generated, how come?
- Posted on February 22, 2023
- DigitalOcean App PlatformDNSLet's Encrypt
Asked by jochemberends
I created an app based on a docker container image from a digital ocean registry. The apps works fine on the domainname provided by the app platform. This domain name is something like https://<name-of-app>-<hash>.ondigitalocean.app/. As said the app works fine.
In settings I enabled a ‘custom’ domain, lets call it: https://myapp.example.com . A the domain name is managed by digitalocean and I can see that the platform created a CNAME record myapp.example.com IN CNAME <name-of-app>-<hash>.ondigitalocean.app 1800. However in the settings I can see that this new domain is stuck ‘configuring’ for days now. I guess it is stuck in the creation of the https certificate.
When visiting https://myapp.example.com I see that I get a response: “The site does not support a secure connection. myapp.example.com uses an unsupported protocol. ERR_SSL_VERSION_OR_CIPHER_MISMATCH” (message from a chrome backed browser - other browsers give similar message. SSLlabs reports it cannot communicate with the server securely well.)
I tried several different apps, but all seem to fail. Also it does not matter if i tried ‘basic’ setups (testing) or ‘production’ setups. It is in the AMS3 region.
I suggest something is wrong in the cert manager of either digital ocean app platform bound to the region. (hmm I could try another region as well indeed)
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hey @jochemberends,
If you are using the DigitalOCean App Platform this is all done automatically. With the App Platform, DigitalOcean creates, manages, and renews your SSL certificates automatically.
If that isn’t the case and when you configure your custom domain, it’s stuck on pending for days, I’ll recommend contacting DigitalOcean’s support. Please reach out to our amazing support team who will be more than happy to assist you with your account issue! :)
Hope that helps! - KFSys.