Custom Domain - Getting Errors

Question

Getting this error despite having same records on my dns records via the microsoft admin center. Checking through Azure CLI, the text record can not be found.

Answer 1

Hi @Kemi AKINWEHINMI,

Thank you for reaching us regarding some DNS validation issues with your custom domain setup.

Azure App Service validates custom domains only using public DNS resolution from the authoritative name servers of the domain.

Although the TXT and CNAME records appear correctly in the Microsoft Admin Center, they are not being resolved publicly, which is why:

• Azure validation fails
• Azure CLI cannot find the TXT record
• The error says “expected DNS records are not found”

Custom Domain - Getting Errors Getting this error despite having same records on my dns records via the microsoft admin center. Checking through Azure CLI, the text record can not be found.

Required DNS Records for Subdomain Validation

For a subdomain like intranet.otcfin.com:

• CNAME Record: Maps the subdomain to your App Service's hostname.
  • Host: intranet
  • Value: Your app's hostname (e.g., intranet-frontend-otc-bdhvbmc4gigyfner.spaincentral-01.azurewebsites.net as shown in your screenshot).
• TXT Record: Verifies domain ownership to prevent subdomain takeovers.
  • Host: asuid.intranet
  • Value: The unique domain verification ID provided by Azure (a long hexadecimal string, e.g., 574A14FEDACDFC6DDBDD61BE8667AC12919522714930E48B17767849B5D4641DE note that DNS values are case-insensitive, but the string must match exactly).

Recommended Steps:

1. Check record values in Azure:
   • Go to App Service > Custom domains > Add custom domain.
   • Enter your domain and copy the TXT verification ID exactly into your DNS.
2. Verify with your DNS provider:
   • Ensure CNAME and TXT records are added, saved, and active.
   • Double-check hostnames for typos.
3. Test DNS propagation:
   • TXT: nslookup -q=TXT asuid.intranet.otcfin.com (Windows) or dig TXT asuid.intranet.otcfin.com (macOS/Linux).
   • CNAME: nslookup intranet.otcfin.com.
   • Or use online tools like MXToolbox or DNS Checker.
4. Retry validation in Azure:
   • Wait 15–30 minutes for propagation.
   • Click Validate in the portal; green checkmarks should appear for both records.
   • If only TXT validates, add the CNAME afterward if needed.

Reference:
https://learn.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-domain?tabs=root%2Cazurecli
https://learn.microsoft.com/en-us/troubleshoot/azure/app-service/connection-issues-with-ssl-or-tls/troubleshoot-custom-domain-issues-azure-app-service
https://learn.microsoft.com/en-us/azure/app-service/reference-dangling-subdomain-prevention
https://learn.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover

Please let us know if the above has been helpful to you or if you need additional assistance with this matter.

If you found the information helpful, please "upvote" and "accept". This will help us and other members of the community as well.

Answer 2

Hi,

The name servers for your domain are ns1.hostcentric.com and ns2.hostcentric.com. To add the necessary TXT and CNAME records you need to sign in to your domain registrar/hosting account that is connected to hostcentric.

I'm unfamiliar with hostcentric so I can't tell you whether you need to sign in to your Network Solutions account (your domain registrar) or some other portal.

Please click Accept Answer and upvote if the above was helpful.

Thanks.

-TP