Sunday, 9 Jun 2024 at 12:21

As a follow-up to my last post which ended in "now it is time to give it some time" I can now happily announce that this journal lives on a custom (sub-) domain to my old main domain.

It wasn't all that easy though, and it took several attempts where I was in conversation with the very helpful Effie from the support team.

At first it blankly refused, despite me being certain I had done the A-record in my DNS settings completely correct (managing domains and servers has been a part of my job for the last 25 years). I got the dreaded "Invalid Listed Domain" email as a response, no matter how many times I tried. I sent off an email to the support basically asking for advice.

My issue was also that what I experienced when typing in my domain name in the browser, was exactly the same as the e-mail stated was a verification of that I had done it correctly: I ended up on a warning message saying "the certificate for this domain isn't correct" and then you can choose to still go to the site (or to "turn back"). I had that. But then I kept getting the "Invalid Listed Domain" emails, which suggested it wasn't correct after all. Somewhat confusing.

Also, when I tried to ping the domain it returned the IP address I had been instructed to put in - the domain seemed to resolve and to point and the listed.to service, but it wasn't being picked up and instead forwarded me to the root listed.to domain/site.

One of the suggested solutions was to ensure my domain wasn't cached/routed via Cloudflare, as that apparently can cause problems. As I don't use Cloudflare at all, very much so on purpose for private reasons, I knew that wasn't going to be my problem. It did make me look around to ensure I didn't have any other caching/routing going on though (that I might have forgotten about), but no, I didn't.

Another suggestion was to (temporarily) disable DNSSEC on my domain (it was indeed active). It made no difference and I got another "Invalid Listed Domain" emails.

Effie then suggested I lower the TTL of the DNS record entry. Figured I should give it a go as I had nothing to lose. I lowered it from 10800 (default) to 300 (the lowest number gandi.net would allow). I re-submitted my custom domain request in the listed.to settings panel. I got the same result as always, i.e. the "Invalid Listed Domain" email.

Before replying to Effie though that it didn't work I figured I should give it some time, again, but literally, to ensure there wasn't any TTL timings still floating around somewhere. I waited 12 hours and then re-submitted my domain request again in the listed.to settings panel. Yay! It worked!

So this is me documenting it for the event that someone else has a similar problem. In my case my domain is managed via gandi.net, no caching/routing, it had DNSSEC enabled and a 10800 TTL as a default. It seems like it is worth flicking some switches, temporarily, when submitting your domain request, at least if you get error messages but don't understand why.

Thanks Effie! :)