Skip to main content

Multiple Clusters Syncing

An HTTP-01 challenge requires the certificate validator reach a specific cluster. Therefore, if you have multiple clusters, you can't guarantee that an HTTP-01 challenge will reach a specific cluster. In contrast, a DNS-01 challenge validates the domain by proving you control the DNS for the domain name by putting a value in a TXT record under the domain. Therefore, a DNS-01 challenge is not dependent on reaching a specific cluster or domain. As such, a DNS-01 challenge is used for multi-cluster and wildcard domains. You can use Zeet's Multi-cluster syncing feature to set up a custom domain on multiple clusters.

1. Add a replication (cluster) to your app (if necessary)

If your app is not already deployed to multiple clusters, here's how you add a replication cluster. In the "Settings" tab of your app, navigate to the "General" subtab. Under "Resources & Replication," add a new target cluster.

2. Add domain

Navigate to the "Settings" tab in your app then to the "Networking" subtab. Enter your custom domain into the input box. You will see instructions for all of your clusters. You only need to enter one set of instructions with your DNS.

3. Add DNS instructions to your domain provider

4. Sync Certificate with Cluster

After a few seconds (you may need to refresh), you will see the "Certificate Status" is "Ready" for one of the clusters. In the cluster where the "Certificate Status" is "Issuing" click on the gear icon. Under the "Sync from Cluster" dropdown, select the cluster that has the ready certificate. The SSL certificate will be copied from the other cluster. If successful, you should see "Certificate Synced with xxxxxxx" as shown below.

5. Success!

Resources