Certsage attempt with 404 error

Sounds like a plan. Waiting for systeme tech response, and will heckle namecheap again.

Do you have an alternate suggestion to namecheap that would allow me to buy and manage domains, and ideally do these https redirects without hosting?

Actually, yes, if that's all you need I think you can do that with a free account at Cloudflare (completely different product than AWS' CloudFront).

This is getting even farther off-topic for Let's Encrypt. But, this topic describes redirecting apex (registered) domain names to a subdomain (www). If this suits your purpose it is just config in their DNS panels. You would set the CNAME for the www subdomain the same as you do at NameCheap (to systeme CloudFront distribution).

They have a very good docs and a great community so check it out there.

I still don't understand where LiteSpeed and Sectigo get involved or where those costs come from. So that's between you and NameCheap :slight_smile:

5 Likes

Couldn't you move your DNS to Route53 too? It would have a slight cost versus Cloudflare if that works for you.

But, the difference is Route53 allows "alias" records for the apex domain. These behave like CNAME for AWS service endpoints even on the apex name. So you can direct those requests directly to the CloudFront IPs.

I still wonder if this would work with systeme controlling the CloudFront distribution. Maybe there is some quirk which wouldn't allow that.

I mentioned this earlier but thought it worth describing more fully

5 Likes

Funny, namecheap banner saying that their "upstream provider Sectigo CA" is having uptime issues. So that answers where Sectigo comes from.

Entirely possible. In the end I am a bit out of my depth, at least enough that tinkering with this would take me days instead of hours and melt my brain. I understand and can follow directions but trouble shooting is another game.

Right now I am looking at... 30$ a year for certificates+ $44.88/year hosting... So... I have to ask myself as much as I miss being tech savvy and as much as I love puzzles.... if this is a $75/yr expense it may not be something I should be tackling right now. I thought it might be an easy fix.

I am curious what doing this all on Route53 would cost but I also like suporting the not-amazon businesses. HAH.

Having read through this entire thread, I'm still unsure of what the intended setup is and what exactly you're trying to accomplish. :thinking:

5 Likes

Hah!

Domains registered somewhere (currently namecheap),
With non-www redirecting to www,
All in https,
And the www address cname pointing to system where I build my websites,

All for the right combination of practical, affordable, and not too expertise dependent.

I tried to use letsencrypt because my certs are expiring and ended up in a rabbit hole.

At this point I might have given up.

2 Likes

I believe that you are running into many of the "classic" hosting dilemmas (e.g. CNAME for apex domain name) for which @MikeMcQ has provided great suggestions.

5 Likes

Plot twist:

I just got word back from the systeme . io technician.

Cannot edit public_html or upload files, however.... They protect all custom domains with SSL certificates built into their server.

Aka, I've been trying to add a certificate that, as you've all pointed out, would be on the wrong server and, apparently, would be redundant and unnecessary.

WHAT AN ADVENTURE THIS HAS BEEN.

1 Like

Well, that just describes how CloudFront works. They have certs for your custom domain name for anyone connecting to a CloudFront IP. You can't modify the certs they use or have access to the servers for their service (the CloudFront origin server).

You direct people to the CloudFront IP addresses in your www domain using the CNAME

It looks like NameCheap supports an "alias" feature for the apex domain (non www name). This should work much like a CNAME. It is possible you could eliminate your hosting and cert and just use their Alias feature. This would point the apex name to CloudFront the same as the CNAME does for the www name.

You should work with them for any questions about how you set that up. I had earlier suggested Route53 as it has such a feature. I wasn't aware that NameCheap supported that. It has been a long time since I've used them :slight_smile:

See this

And this:

https://www.namecheap.com/support/knowledgebase/article.aspx/10128/2237/how-to-create-an-alias-record/#:~:text=It%20is%20possible%20to%20set,our%20BasicDNS%2C%20FreeDNS%20or%20PremiumDNS.

4 Likes

I'll look into that. Thanks!

Edit I see you already answered this:
But it also seems I don't need to deal with certs then, since I'm using systeme/cloudfront?

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.