Tutorial: Create DNS records in a custom domain for a web app

You can configure Azure DNS to host a custom domain for your web apps. For example, you can create an Azure web app and have your users access it using either www.contoso.com or contoso.com as a fully qualified domain name (FQDN).

To do this, you have to create three records:

  • A root "A" record pointing to contoso.com
  • A root "TXT" record for verification
  • A "CNAME" record for the www name that points to the A record

In this tutorial, you learn how to:

  • Create an A and TXT record for your custom domain
  • Create a CNAME record for your custom domain
  • Test the new records
  • Add custom host names to your web app
  • Test the custom host names

If you don’t have an Azure subscription, create a free account before you begin.

Prerequisites

  • An Azure account with an active subscription.

  • A domain name that you can host in Azure DNS. You must have full control of this domain. Full control includes the ability to set the name server (NS) records for the domain.

  • A web app. If you don't have one, you can create a static HTML web app for this tutorial.

  • An Azure DNS zone with delegation in your registrar to Azure DNS. If you don't have one, you can create a DNS zone, then delegate your domain to Azure DNS.

Note

In this tutorial, contoso.com is used as an example domain name. Replace contoso.com with your own domain name.

Azure Cloud Shell

Azure hosts Azure Cloud Shell, an interactive shell environment that you can use through your browser. You can use either Bash or PowerShell with Cloud Shell to work with Azure services. You can use the Cloud Shell preinstalled commands to run the code in this article, without having to install anything on your local environment.

To start Azure Cloud Shell:

Option Example/Link
Select Try It in the upper-right corner of a code or command block. Selecting Try It doesn't automatically copy the code or command to Cloud Shell. Screenshot that shows an example of Try It for Azure Cloud Shell.
Go to https://shell.azure.com, or select the Launch Cloud Shell button to open Cloud Shell in your browser. Button to launch Azure Cloud Shell.
Select the Cloud Shell button on the menu bar at the upper right in the Azure portal. Screenshot that shows the Cloud Shell button in the Azure portal

To use Azure Cloud Shell:

  1. Start Cloud Shell.

  2. Select the Copy button on a code block (or command block) to copy the code or command.

  3. Paste the code or command into the Cloud Shell session by selecting Ctrl+Shift+V on Windows and Linux, or by selecting Cmd+Shift+V on macOS.

  4. Select Enter to run the code or command.

Note

We recommend that you use the Azure Az PowerShell module to interact with Azure. See Install Azure PowerShell to get started. To learn how to migrate to the Az PowerShell module, see Migrate Azure PowerShell from AzureRM to Az.

Sign in to Azure

Sign in to the Azure portal.

Create the A record

An A record is used to map a name to its IP address. In the following example, assign "@" as an A record using your web app IPv4 address. @ typically represents the root domain.

Get the IPv4 address

In the left navigation of the App Services page in the Azure portal, select Custom domains, then copy the IP address of your web app:

Screenshot of Azure App Service Custom domains page showing the web app I P address.

Create the record

To create the A record, use:

New-AzDnsRecordSet -Name "@" -RecordType "A" -ZoneName "contoso.com" `
 -ResourceGroupName "MyAzureResourceGroup" -Ttl 600 `
 -DnsRecords (New-AzDnsRecordConfig -IPv4Address "<ip of web app service>")

Important

The A record must be manually updated if the underlying IP address for the web app changes.

Create the TXT record

App Services uses this record only at configuration time to verify that you own the custom domain. You can delete this TXT record after your custom domain is validated and configured in App Service.

Note

If you want to verify the domain name, but not route production traffic to the web app, you only need to specify the TXT record for the verification step. Verification does not require an A or CNAME record in addition to the TXT record.

To create the TXT record, use:

New-AzDnsRecordSet -ZoneName contoso.com -ResourceGroupName MyAzureResourceGroup `
 -Name "@" -RecordType "txt" -Ttl 600 `
 -DnsRecords (New-AzDnsRecordConfig -Value  "contoso.azurewebsites.net")

Create the CNAME record

If your domain is already managed by Azure DNS (see DNS domain delegation), you can use the following example to create a CNAME record for contoso.azurewebsites.net. The CNAME created in this example has a "time to live" of 600 seconds in DNS zone named "contoso.com" with the alias for the web app contoso.azurewebsites.net.

New-AzDnsRecordSet -ZoneName contoso.com -ResourceGroupName "MyAzureResourceGroup" `
 -Name "www" -RecordType "CNAME" -Ttl 600 `
 -DnsRecords (New-AzDnsRecordConfig -cname "contoso.azurewebsites.net")

The following example is the response:

    Name              : www
    ZoneName          : contoso.com
    ResourceGroupName : myazureresourcegroup
    Ttl               : 600
    Etag              : 8baceeb9-4c2c-4608-a22c-229923ee185
    RecordType        : CNAME
    Records           : {contoso.azurewebsites.net}
    Tags              : {}

Test the new records

You can validate the records were created correctly by querying the "www.contoso.com" and "contoso.com" using nslookup, as shown below:

PS C:\> nslookup
Default Server:  Default
Address:  192.168.0.1

> www.contoso.com
Server:  default server
Address:  192.168.0.1

Non-authoritative answer:
Name:    <instance of web app service>.cloudapp.net
Address:  <ip of web app service>
Aliases:  www.contoso.com
contoso.azurewebsites.net
<instance of web app service>.vip.azurewebsites.windows.net

> contoso.com
Server:  default server
Address:  192.168.0.1

Non-authoritative answer:
Name:    contoso.com
Address:  <ip of web app service>

> set type=txt
> contoso.com

Server:  default server
Address:  192.168.0.1

Non-authoritative answer:
contoso.com text =

        "contoso.azurewebsites.net"

Add custom host names

Now, you can add the custom host names to your web app:

set-AzWebApp `
 -Name contoso `
 -ResourceGroupName <your web app resource group> `
 -HostNames @("contoso.com","www.contoso.com","contoso.azurewebsites.net")

Test the custom host names

Open a browser and browse to http://www.<your domain name> and http://<you domain name>.

Note

Make sure you include the http:// prefix, otherwise your browser may attempt to predict a URL for you!

You should see the same page for both URLs. For example:

Screenshot of the contoso Azure App Service Web App accessed via web browser.

Clean up resources

When no longer needed, you can delete all resources created in this tutorial by deleting the resource group MyAzureResourceGroup:

  1. On the Azure portal menu, select Resource groups.
  2. Select the MyAzureResourceGroup resource group.
  3. On the Overview page, select Delete resource group.
  4. Enter MyAzureResourceGroup and select Delete.

Next steps

In this tutorial, you learned how to create DNS records in a custom domain for a web app. To learn how to create alias records to reference zone records, continue with the next tutorial: