Document expected delay on CNAME change and need for CAA #4487
Conversation
|
This is only the case for users who had an existing custom domain setup and then corrected their setup to comply with the custom domains docs. This doesn't apply to new setups. Perhaps there's a way to make that clear. |
|
Also one hour apparently is not enough. It took more than 12 hours with docs.weblate.org, I've switched docs.phpmyadmin.net about two hours ago and still not working... |
Did you have a CAA record on that domain? It may have been due to that.
I don't even see that domain in the list of certificates that are pending. I see rtd-backend.phpmyadmin.net, but not docs.phpmyadmin.net. It is possible since we switched over a few weeks ago that the request to issue the certificate timed out. If you save the domain record in the Read the Docs UI ( The real answer here is I need to get this status raised up to users in the UI. |
|
It was already there, but I've removed and added it back now. And it now works.
8. srpna 2018 17:52:23 SELČ, David Fischer <[email protected]> napsal:
…> Also one hour apparently is not enough. It took more than 12 hours
with docs.weblate.org
Did you have a CAA record on that domain? It may have been due to that.
> docs.phpmyadmin.net
I don't even see that domain in the list of certificates that are
pending. I see rtd-backend.phpmyadmin.net, but not docs.phpmyadmin.net.
It is possible since we switched over a few weeks ago that the request
to issue the certificate timed out. If you save the domain record in
the Read the Docs UI
(`https://readthedocs.org/dashboard/<slug>/domains/`), it should
trigger adding the certificate again.
The real answer here is I need to get this status raised up to users in
the UI.
|
|
And yes I did have CAA on both domains, but it was properly adjusted so it should not cause additional issues.
8. srpna 2018 17:52:23 SELČ, David Fischer <[email protected]> napsal:
…> Also one hour apparently is not enough. It took more than 12 hours
with docs.weblate.org
Did you have a CAA record on that domain? It may have been due to that.
> docs.phpmyadmin.net
I don't even see that domain in the list of certificates that are
pending. I see rtd-backend.phpmyadmin.net, but not docs.phpmyadmin.net.
It is possible since we switched over a few weeks ago that the request
to issue the certificate timed out. If you save the domain record in
the Read the Docs UI
(`https://readthedocs.org/dashboard/<slug>/domains/`), it should
trigger adding the certificate again.
The real answer here is I need to get this status raised up to users in
the UI.
|
I got the UI display in #3987 which should go live within a week. |
There was a problem hiding this comment.
Would it be possible to also add the message about CAA here?
docs/alternate_domains.rst
Outdated
| @@ -52,6 +52,8 @@ This service is generously provided by Cloudflare. | |||
| or another variation. While these continue to resolve, | |||
| they do not yet allow us to acquire SSL certificates for those domains. | |||
| Simply point the CNAME to ``readthedocs.io``. | |||
|
|
|||
| If you change the CNAME, the SSL certificate issuance will take about one hour. | |||
There was a problem hiding this comment.
nitpick: I prefer "can take" rather than "will take" especially since for a new CNAME (as opposed to a changed one) this should be almost immediate.
The SSL certificate issuing takes about one hour in this case according to comment in #2652.
|
I've added CAA docs and adjusted wording based on your suggestion. |
nijel
changed the title
|
Thanks. Looks great! |
The SSL certificate issuing takes about one hour in this case according to comment in #2652.