SSL Cert for branch deployment

Hi there,

I’d like to get a docs-next subdomain configured for my site docs-getdbt-com. It will point to a deployment of the next branch.

I added a CNAME record per the instructions here: [Support Guide] How to use Netlify’s branch deploy feature without Netlify DNS

My DNS provider already has the CNAME entry and I’ve verified it using nslookup:

$ nslookup docs-next.getdbt.com
Server:		192.168.1.1
Address:	192.168.1.1#53

Non-authoritative answer:
docs-next.getdbt.com	canonical name = next--docs-getdbt-com.netlify.app.
Name:	next--docs-getdbt-com.netlify.app
Address: 104.248.60.43
Name:	next--docs-getdbt-com.netlify.app
Address: 104.248.63.231

Thanks!

hey there,

Can you tell me in a different way which subdomain you are looking to add to which apex domain?

Also, in order to issue an SSL cert for the subdomain, we have to be the DNS for the apex domain, is that currently the case? thanks.

Thanks for the quick response!

Here’s the deal: getdbt.com is the apex domain, and Netlify is not the DNS provider for it. However, Netlify does own the deployment of docs-getdbt-com.netlify.com, which is mapped to docs.getdbt.com via a custom domain.

We’re successfully deploying next--docs-getdbt-com.netlify.com as a branch deployment from the same Netlify site. I was hoping that we could CNAME this site as docs-next.getdbt.com, following the instructions in the support guide I linked above. Running nslookup gives an encouraging result that the CNAME mapping succeeded. When I go to visit docs-next.getdbt.com, however, it returns a 404 error (Not Found) and a missing certificate (hopefully related):

Is our better bet here to deploy the docs-next site not as a branch deployment off the existing docs-getdbt-com site, but instead by creating a new Netlify site (e.g. docs-next-getdbt-com.netlify.app) that treats the next branch as its primary deployment branch? I’m guessing that may allows us to use standard custom domains, as opposed to branch subdomains. I’m open to options!

Hi @perry, have you had a chance to look into this? I just want to know if we need to move in a different direction

Hiya @jerco and sorry to be slow to get back to you! Sadly, what you are trying won’t quite work. You have a couple of options to get close:

  1. You won’t be able to use a CNAME with that hostname to create your own branch subdomain (which is the name of the feature you’re trying to use - show the “next” branch rather than your production deploy). You need to browse with the actual branch subdomain name - so either next--docs-getdbt-com.netlify.com or next.docs.getdbt.com are the patterns that will work for a branch called next on a site with a different primary custom domain (shown here: https://app.netlify.com/sites/docs-getdbt-com/settings/domain#custom-domains). If you’d like to use this and are ok with that naming, let me know as I do need to add that to the certificate manually, after you set up the CNAME to match the above pattern

  2. If that name is a hard requirement, fear not, you can still use it for that purpose! Just have to configure it differently. You can set up a second site, connected to the same repo, using next as the PRODUCTION branch, and then apply any name you like to it - such as docs-next.getdbt.com . It is perfectly acceptable to us, to link two sites to the same repo to show different production branches, and you can choose NOT to have the main site build the next branch (here: https://app.netlify.com/sites/docs-getdbt-com/settings/deploys#deploy-contexts) so you aren’t paying for a repeated build on that second site.

Got it, thanks for the detailed explanation @fool! I’m going to go with the first option, next.docs.getdbt.com, and I’ll change the aforementioned CNAME to be:

next.docs 3600 IN CNAME next--docs-getdbt-com.netlify.app.

Does that sound right? I just want to triple-check before changing DNS records. As soon as you confirm, I’ll take care of the CNAME, and then I’ll request the manual certificate addition when that’s done.

Yup - looks good to me as long as your DNS host/service appends “.getdbt.com” to that, which I expect they do since this looks like it isn’t your first rodeo :slight_smile:

Hi @fool, we just updated the CNAME record:

$ nslookup next.docs.getdbt.com
Server:		208.67.222.222
Address:	208.67.222.222#53

Non-authoritative answer:
next.docs.getdbt.com	canonical name = next--docs-getdbt-com.netlify.app.
Name:	next--docs-getdbt-com.netlify.app
Address: 104.248.63.231
Name:	next--docs-getdbt-com.netlify.app
Address: 104.248.63.248

Could you manually add the SSL certificate?

Thank you so much for your help, I appreciate it immensely.

Sure thing, tis done!

1 Like