0

I'm doing a server-side GTM setup. I managed to set up a Google cloud App engine.

I added a custom domain (verified with Google webmaster central, added DNS records etc.).

I can see in the Cloud settings that the custom domain (actually it's a subdomain) is set up, using also Google-managed, auto-renewing SSL.

So, everything looks fine except when I try to access this custom domain (directly or while doing a GTM container preview), I get the connection error in the browser (ERR_CONNECTION_CLOSED).

Since all DNS records looks OK (I have TXT record for the GWC/ownersip verification, 4 A records and 4 AAAA records for Google cloud) I did a tracert where I can see that it gets to the google server (hop 5), but then it gets lost:

enter image description here

The last hop should be the subdomain, but it's a "random" Google server).

It's more than 24 hours from the DNS records change so I don't believe it's a DNS propagation issue (although it still might be of course but the chances are very small). So if anyone has any idea, what could be wrong, I'd be very glad :D

Boštjan
  • 63
  • 10
  • Research this type of problem on Stack Overflow before posting. Many Q and A with good tips. 1) Post the domain name. I can test and verify what is wrong in less time than this comment. If that is not possible, use Internet domain testing sites such as https://intodns.com/. They will tell you what is wrong. 2) Do not use `ping` or `tracert` unless you understand what they report and the numerous reasons they are useless. – John Hanley Jun 16 '22 at 08:39
  • Thanks for the feedback. I did try to find some tips but haven't found the question with a similar issue. I'd rather not post a domain here at the moment, but I can PM you if it's OK (found your TW handler on your profile page)? – Boštjan Jun 16 '22 at 09:13
  • Hey, I did try the tool (I'm a bit familiar with it), but it works only with domains, not subdomains, which I'm using as a custom domain. – Boštjan Jun 16 '22 at 09:20
  • Sorry, I'm a bit confused what info would you need to be able to help. I checked the subdomain's DNS records. I checked the main domain DNS records - there's nothing strange. I checked the NS records of the main domain, and then the subdomain's records on those nameservers (or better said - if the nameservers know where to route the subdomain request) and it looks fine. It still looks to me that the browser reaches the Google server but then the connection gets terminated. As if there'd be something wrong in the cloud settings (but there's really not much to do during the custom domain setup). – Boštjan Jun 16 '22 at 10:15

2 Answers2

1

I managed to repeat exactly the same setup with another subdomain (on totally different domain). I had issues with geeting Google-managed certificate - it took the App Engine a really long time to install it. But at the end it worked.

So it looks like the issue is indeed with Google and the certificate. I'll wait and let you know if this was the issue.

Edit (additional explanation): it turns out that the issue is with the client's domain which doesn't allow another CAA (in this case Google or Let's encrypt) to issue a certificate.

Boštjan
  • 63
  • 10
0

You haven't mentioned a CNAME record for the subdomain. You need a DNS record like this for the subdomain to work:

www CNAME ghs.googlehosted.com

I've assumed that www is you subdomain but you would use your subdomain if different.

new name
  • 15,861
  • 19
  • 68
  • 114
  • Hey I don't really think so - according to last documentation from Google they actually say that you shouldn't use CNAME records. But I'll try as a lat resort ;) – Boštjan Jun 16 '22 at 13:43