Hello to all. I have a simple web in a canister, up and running. Acquire a domain via Amazon Web Server, up and running. I’m dealing with issues in the settings of Route53 → hosted zones. I create a CNAME type Record pointing to my canister url but the browser get a 404 error. If someone can give me a clue about this AWS-Canister connection I will appreciate a lot! Thanks in advance.
I see that there are many more steps to do than I had already done. Thank you very much for the link, I did not know it.
1 Like
I have followed the steps in the link and it is starting to get frustrating and challenging at the same time.
Here the linux structure and files:
static-ic-website
|-- canister_ids.json
|-- .dfx
|-- dfx.json
|-- .well-known
| |-- ic-domains
| sooshh
| |-- index.html
| |-- .ic-assets.json
Files content:
.well-known/ic-domains:
www.sooshh.com
sooshh/.ic-assets.json:
[
{
“match”: “.well-known”,
“ignore”: false
}
]
The deploy indicates a warning which as far as I have found out is nothing to be alarmed about:
WARN: 1 unmatched configuration in /home/manu/icp/static-ic-website/sooshh/.ic-assets.json config file:
WARN: {
“match”: “.well-known”,
“ignore”: false,
“allow_raw_access”: true
}
The registration process does not terminate with the JSON response {“id”:“REQUEST_ID”} of the requirement but also does not throw any of the errors listed in the link. I copy some lines that get my atention:
* Trying 147.75.108.42:443...
* Connected to icp0.io (147.75.108.42) port 443 (#0)
...
* SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: POST]
...
> POST /registrations--data HTTP/2
> Host: icp0.io
> user-agent: curl/7.88.1
> accept: */*
...
* old SSL session ID is stale, removing
< HTTP/2 404
< server: nginx
...
< x-request-id: f26268af-5bf2-5423-67b0-7cbfc9981410
...
* Connection #0 to host icp0.io left intact
* Could not resolve host: -
* Closing connection 1
AWS Hosted zone details:
www.sooshh.com – CNAME – www.sooshh.com.icp1.io
_acme-challenge.www.sooshh.com – CNAME – _acme-challenge.www.sooshh.com.icp2.io
_canister-id.www.sooshh.com – TXT-- “bum6w-7iaaa-aaaag-qdeya-cai”
Some clue about will be super apreciated! 
-
It looks like you are trying to set up the apex domain on Amazon Route 53. Unfortunately, Amazon Route 53 does not support configuring a
CNAMErecord (or one of its alternatives,ALIASorANAME) for the apex of the domain. Check the note on using an Apex domain using an alternative DNS provider. -
You should be able to set up a subdomain with the steps that you have taken. Instead of
www.sooshh.com, have you tried to update everything to maybedemo.sooshh.comor any other subdomain? What is the result then?
I follow the procedure of the point 1 and I reach the same end as in AWS DNS, a page that show:
404 Not Found
nginx
In the other hand, I realize that when I visit:
https://bum6w-7iaaa-aaaag-qdeya-cai.icp0.io/.well-known/ic-domains
it show the message:
“Body does not pass verification”.
Could it be part of the error that the registration process doesn’t register the domain?
For the point 2, I set the subdomain icp.sooshh.com and get the same result as with www: the web of the point 1. For now it’s set without subdomain.
Looking forward in my setup to write here any detail that get my attention.
Thank you for the follow-up. I am happy to try it out myself but will not have capacity until Monday at the earliest. What is your timeline?
Don’t worry, I will be doing adjustments and "experiments"these days. Have a great weekend.
1 Like
Hello, here my last attempt, I setup all again, double checking everything and always end at the same point.
curl -sLv -X POST -H 'Content-Type: application/json' https://icp0.io/registrations--data @- <<EOF
{
"name": "www.sooshh.com"
}
EOF
* Trying 145.40.67.238:443...
* Connected to icp0.io (145.40.67.238) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
* subject: CN=boundary.dfinity.network
* start date: Mar 8 15:04:24 2024 GMT
* expire date: Jun 6 15:04:23 2024 GMT
* subjectAltName: host "icp0.io" matched cert's "icp0.io"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: POST]
* h2h3 [:path: /registrations--data]
* h2h3 [:scheme: https]
* h2h3 [:authority: icp0.io]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* h2h3 [content-type: application/json]
* Using Stream ID: 1 (easy handle 0x55636f9b0c80)
> POST /registrations--data HTTP/2
> Host: icp0.io
> user-agent: curl/7.88.1
> accept: */*
> content-type: application/json
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 404
< server: nginx
< date: Tue, 12 Mar 2024 19:53:26 GMT
< content-type: text/html
< content-length: 146
< x-frame-options: DENY
< x-content-type-options: nosniff
< x-xss-protection: 1; mode=block
< x-request-id: 0f5533a6-003e-2e8c-94e4-21a593442b45
<
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host icp0.io left intact
* Could not resolve host: -
* Closing connection 1
I don’t get any kind of json answer at the end, with an error or success.
DNS configuration with AWS and Cloudfare show the same 404 page.
The canister + .well-known/ic-domains show the text “Body does not pass verification” (I add on it sooshh.com also).
I suspect in some dfx configuration, but the canister deploy and all the folder and files are located in the correct location as I show in a post a week ago.
Where I can dig to find the issue? Thanks in advance!
1 Like
Hello @ManuA, I was able to assign a custom subdomain registered on Amazon Route 53 to a Hello World dapp example deployed on ICP mainnet.
On the Amazon Route 53:
- I followed the steps as outlined in the Amazon Route 53 DNS Configuration steps.
Whenever I made a mistake with the configuration, when I ran the following boundary node registration command, I did get an error about the configuration (ex. missing TXT, CNAME, etc.):
curl -sLv -X POST \
-H 'Content-Type: application/json' \
https://icp0.io/registrations \
--data @- <<EOF
{
"name": "CUSTOM_DOMAIN"
}
EOF
Therefore, the error that you are receiving makes me believe that there is an error with your dapp configuration.
I see that you have attempted to follow the steps already.
The most common problem that developers have had is with the .well-known/ic-domains location.
It must be within the canister files, not at the root. For example, if you want to assign an assets canister to the custom domain, you should include .well-known/ic-domains and .ic-assets.json within the assets folder.
When you build the dapp, make sure that a copy of .well-known/ic-domains and .ic-assets.json are also listed in the equivalent build folder.
From your folder structure, I believe that you may have included these files at the root instead of within the canisters.
Here is an example of a file structure (on the Hello World example): https://github.com/jennifertrin/icp-custom-domain-example
Please let us know if this helps. Sharing your Github repo might also be helpful if you continue to get stuck.
2 Likes
Hi jennifertran. Finally the domain it’s working!!! Thanks a lot for all the support. Two issues was the fault, first, following your github example I realize that I miss placed the .well-known/ic-domain file. For my taste, the explanation in the official documentation it’s a little bit confuse. I think your example must be in that explanation, it’s awesome! The second issue was in the command for registration itself, I miss the space between registration and --data
registrations--data
Now… just celebrate my first success in the ICP development!!
1 Like
Hello @ManuA I am glad that you were able to figure out the issue following the example. Congratulations on your first success with ICP development!
Thank you for suggesting that we clarify the .well-known/ic-domain location in the documentation. We’ll have it updated by EOW.
2 Likes