Main domain on cPanel, subdomain on Google Blogger

Hi there. My main domain is hosted by a conventional shared hosting service, with cPanel access, but a subdomain of it is hosted by Google's Blogger service (which only gives me the option of a toggle for "HTTPS availability" (I believe it does use Let's Encrypt). I know questions have been asked before about subdomains on separate host servers, but the answers are way over my head. I am unfortunately a total noob as far as SSL, and need someone to walk me through the process of getting both the main domain and the separately-hosted subdomain HTTPS-ready.

I understand that I can issue Let's Encrypt certificates for the main domain through my cPanel. The Blogger subdomain, which is represented in my cPanel DNS settings with a CNAME record, is not among the subdomains that the cPanel Let's Encrypt applet offers to issue a certificate for.

On the Blogger end, toggling "HTTPS availability" to "on" fails, with the error message "You have not been authorized to use this domain." The help file contains this piece of (possibly relevant?) advice, but I don't know what it means:

Important: If you use CAA Records on your custom domain, add a record for letsencrypt.org, or Blogger won't create or renew your SSL certificate.

How can I get the Blogger-hosted subdomain's SSL working, and is there something specific I need to do (or avoid doing) while setting up SSL for the main domain on the other host's cPanel?

Thank you so much for the help.

3 Likes

Hi @Evan

there is your job: Sounds like you have a CAA that blocks Letsencrypt.

So

  • remove that blocking CAA entry (or)
  • create an additional CAA entry

Your domain name is required to see, which records exist.

2 Likes

Thanks. But there appears to be no CAA record in my DNS settings for the domain. Do I need to add one then? And if so, what values should the record contain?

(Note that the CAA message is a generic piece of advice I found digging through the Help, not a message that was generated for me specifically.)

3 Likes

Welcome to the Let's Encrypt Community, Evan :slightly_smiling_face:

Did you properly create the CNAME for your blog in your DNS?

Did you assign that subdomain in blogger as your 3rd party domain?

Can you share your domain name so I can check the record?

3 Likes

Thanks, griffin!

Yes, I think the CNAME is working properly, as well as the blogger domain settings. The website loads as expected.

The domain is yodasdatapad.com, and the subdomain is starwarsbooks.yodasdatapad.com.

3 Likes

Doesn't google provide free TLS on their hosting?

2 Likes

I'm checking a couple of things...

3 Likes

Your idea is completely unrelevant.

See

https://support.google.com/blogger/thread/27726020?hl=en

You have to create a DNS entry with a random like subdomain and a second CNAME to Google.

That has nothing to do with Letsencrypt certificates or with the CAA error message.

1 Like

image

2 Likes

That's where he got the CAA quote from.

3 Likes

Doesn't google provide free TLS on their hosting?

I'm not sure what the difference is between TLS and SSL. Google has a free option to switch to HTTPS, I believe using Let's Encrypt certificates issued to them, but as I explained, the problem is that Google is giving me an error and I'm wondering whether it's something I need to fix using my domain's DNS settings.

2 Likes

TLS is just the newer (more correct) name for what was SSL.

...and some people still refer to anything that provides them Internet in their homes as a "modem".

3 Likes

Everything looks fine with your domain. CAA isn't a relevant issue in this case.

Something is probably wrong on the Blogger side, but it's hard to say what. It doesn't help that it's impossible to get an answer out of Google.

If you can, I would try remove and readd the custom domain to your blog. There's a few posts around suggesting that it can be an effective way to work around this issue.

3 Likes

Thanks for the link - I can't seem to pull any useful advice our the replies in that thread though. If you have an idea of exactly what record I could add to try to fix it (including values for the record), let me know.

1 Like

Did I miss something?
Can you show a screenshot of that error?

1 Like

Ah, okay - thanks for confirming that! And yes, hard to get a response out of Google, unfortunately. I can try disconnecting and reconnecting the domain. Maybe something went wrong when I switched nameservers for the main domain a day or two ago?

I'll wait first for @griffin to reply, rather than messing with the DNS while they're still looking at it.

2 Likes

Your initial CNAME looks right. I'm trying to find the second one.

1 Like

You were given two CNAMEs by blogger to create, correct?

1 Like

@rg305 It's in my original post:

I could do a screenshot, but it wouldn't be very interesting. It's just a little box popping up next to the toggle saying exactly that, and to "follow the instructions" to fix it (without specifying which instructions they're referring to).

3 Likes

Ah! Yes, I'd forgotten about it, but I was. The second CNAME, with containing Blogger's "security tokens" appears to be there in cPanel.

Forgive me if this is a total rookie mistake, but I think I just copied and pasted that across into cPanel when I moved the nameservers to the new host for the main domain. Should I instead have disconnected and reconnected Blogger to generate new tokens for that CNAME record?

EDIT: Yes, disconnecting and reconnecting Blogger to the domain solved the problem - thanks so much to griffin for all the help!

3 Likes