Launching the Platform/Self-hosted: On-prem/Prerequisites
Domain and tls configuration
Configure domain names and TLS certificates for your self-hosted platform
Overview
Purpose
- Secure platform access
- Service-to-service communication
- API endpoint security
- User authentication
Requirements
- Registered domain name
- DNS management access
- Ability to create DNS records
- TLS certificate provider
Domain configuration
1. Configure Main Domain
- Create an A record pointing to your ingress controller IP
- Example:
platform.company.com → 203.0.113.1
2. Add Wildcard Subdomain
- Create a CNAME record for all subdomains
- Pattern:
*.platform.company.com → platform.company.com
Tls configuration
Quick Setup with Cloudflare
Add Domain to Cloudflare
- Transfer DNS management
- Update nameservers
Configure SSL/TLS
- Purchase Advanced Certificate Manager (ACM)
- Enable Total TLS
- Set SSL/TLS mode to Full (Strict)
Benefits
- Automatic certificate management
- DDoS protection included
- Easy wildcard certificate support
- Global CDN
Information collection
Required values for platform installation
- Domain name (e.g.,
platform.company.com) - Ingress annotations (if using cert-manager:
cert-manager.io/cluster-issuer: "letsencrypt") - TLS secret name for the certificate
- SSL redirect setting (
trueorfalse)
Troubleshooting
DNS Issues
Not Resolving
- Verify A record IP
- Check CNAME configuration
- Allow DNS propagation (48h max)
Wrong IP
- Confirm ingress controller IP
- Update DNS records
- Clear local DNS cache
Certificate Issues
cert-manager
- Check issuer status
- Verify DNS01 challenge
- Review cert-manager logs
Cloudflare
- Verify SSL/TLS mode
- Check certificate status
- Confirm proxy status
Need help? Contact [email protected] if you encounter any issues.