Secure Domain Access - Configure your domain with SSL certificate and DNS routing to enable secure HTTPS access to Relvy.

Overview

This section guides you through configuring your domain for secure access to your self-hosted Relvy. This guide assumes you have set up an Application Load Balancer. If you have a custom way to direct your domain towards the application server, please contact us for guidance.

What We’ll Configure

  • SSL Certificate - Create and validate SSL certificate for HTTPS encryption
  • DNS Records - Configure CNAME records for domain routing and certificate validation
  • Load Balancer - Update ALB with HTTPS listener and SSL certificate
  • Domain Routing - Route domain traffic to the application load balancer

Step 1: Create SSL Certificate

Navigate to Certificate Manager → Request certificate

1.1 Certificate Configuration

FieldValue
Certificate typeRequest a public certificate
Domain nameapi.yourdomain.com (or your chosen subdomain)
Validation methodDNS validation
Key algorithmRSA 2048

Domain Planning - Choose a subdomain that makes sense for your organization. Common patterns include relvy.company.com, api.company.com, or incidents.company.com.

1.2 Certificate Validation

After creating the certificate, AWS will provide CNAME records for validation:

  1. Note the CNAME records - AWS will show you the exact CNAME name and value
  2. Copy both values - You’ll need these for DNS configuration
  3. Wait for validation - Don’t proceed until the certificate is issued

Example CNAME Record
Name: _abc123def456.yourdomain.com
Value: _abc123def456.abcdefghijk.acm-validations.aws.

Step 2: Configure DNS Records

In your Domain Management System (GoDaddy, Namecheap, Route53, etc.), add the following DNS records:

2.1 Certificate Validation CNAME

Add the CNAME record provided by AWS for certificate validation:

TypeNameValueTTL
CNAME<copied from AWS CNAME record><copied from AWS CNAME record>600

2.2 Domain Routing CNAME

Add a CNAME record to route your domain to the load balancer:

TypeNameValueTTL
CNAME<your subdomain><ALB endpoint from AWS>600

Domain Registrar Tips
GoDaddy: For relvy.yourcompany.com, use relvy as the name
Namecheap: Use the full subdomain as the name
Route53: Create the record in your hosted zone

2.3 Example DNS Configuration

Here’s an example for relvy.yourcompany.com:

TypeNameValueTTLPurpose
CNAME_abc123def456_abc123def456.abcdefghijk.acm-validations.aws.600SSL Certificate Validation
CNAMErelvyrelvy-app-alb-xxxxxxxxx.us-west-2.elb.amazonaws.com600Domain Routing

Step 3: Verify Certificate Issuance

3.1 Check Certificate Status

  1. Navigate to Certificate Manager
  2. Find your certificate
  3. Wait for status to change from “Pending validation” to “Issued”

3.2 Debug DNS Propagation

If the certificate is taking too long to issue, debug using:

# Check DNS propagation
nslookup <CNAME record name>
nslookup <your domain>

# Example
nslookup _abc123def456.yourcompany.com
nslookup relvy.yourcompany.com

DNS Propagation Time - DNS changes can take 5-30 minutes to propagate globally. Be patient and wait for the certificate to be issued before proceeding.

Step 4: Update Load Balancer for HTTPS

Once your certificate is issued, update the load balancer to use HTTPS.

4.1 Add HTTPS Listener

Navigate to Load Balancers → Select your ALB → Listeners

FieldValue
ProtocolHTTPS, Port: 443
Default actionForward to relvy-app-tg
SSL certificateSelect the certificate you just created
Security policyELBSecurityPolicy-TLS-1-2-2017-01

4.2 Update HTTP Listener

Select HTTP:80 listener → Edit

  • Change default action to: Redirect to HTTPS
  • Port: 443, Status code: 301

Security Best Practice - Redirecting HTTP to HTTPS ensures all traffic is encrypted and secure.

Step 5: Test Domain Access

5.1 Verify HTTPS Access

Test your domain with HTTPS:

# Test HTTPS access
curl -I https://yourdomain.com

# Test HTTP redirect
curl -I http://yourdomain.com

Next Steps

Your domain is now configured with SSL! The next steps are:

  1. Setup Slack Integration - Create Slack app (optional) in Slack Setup
  2. Deploy Application - Install Docker and deploy Relvy in Application Deployment