incorrect-CNAME-mapping
Incorrect CNAME Mapping
Overview
This article explains a common issue where DNS resolution fails due to incorrect CNAME record configuration, particularly when a wildcard is used in the CNAME target.
Symptom
When attempting to access an endpoint, you may encounter a resolution error.
HTTP Error:
HTTP GET on resource 'https://api.techworld360.io:443/api/v1/endpoint/' failed: Couldn't resolve address.
cURL Error:
$ curl -v api.techworld360.io
* Could not resolve host: api.techworld360.io
* Closing connection
curl: (6) Could not resolve host: api.techworld360.io
Cause
This issue is usually due to a misconfigured DNS CNAME record. Specifically, using a wildcard domain (e.g., *.ipaddress.technet360.io) as the CNAME target for a subdomain is not valid in most DNS resolvers.
Example of incorrect configuration:
api.techworld360.io → CNAME → *.ipaddress.technet360.io
Some DNS resolvers and libraries (including certain versions of cURL) do not support CNAME records that resolve to wildcard domains. Consequently, the name resolution chain breaks.
How to Verify
You can use standard DNS resolution tools to check the CNAME chain. For example, using dig:
$ dig api.techworld360.io
api.techworld360.io. 60 IN CNAME *.ipaddress.technet360.io.
*.ipaddress.technet360.io. 60 IN A 10.0.7.21
*.ipaddress.technet360.io. 60 IN A 10.0.7.22
[!IMPORTANT] The presence of a wildcard (*) in the CNAME target (the right-hand side) indicates an invalid configuration.
Solution
Update the DNS CNAME record to use a specific, Fully Qualified Domain Name (FQDN) without a wildcard.
- ❌ Incorrect:
api.techworld360.io→*.ipaddress.technet360.io - ✅ Correct:
api.techworld360.io→ipaddress.technet360.io - ✅ Correct:
*.techworld360.io→ipaddress.technet360.io
This ensures compatibility across all standard DNS resolvers and clients.