Set Up a Custom Domain
This tutorial walks you through pointing your own domain at a Temps deployment. Temps provisions a TLS certificate via Let's Encrypt automatically — you just need to add a DNS record.
What you will achieve
- Your custom domain (e.g.
app.example.com) pointing to your Temps deployment - Automatic TLS certificate from Let's Encrypt
- HTTP-to-HTTPS redirect
- Certificate auto-renewal
Time required: 10 minutes (plus DNS propagation, typically 5-30 minutes).
Prerequisites:
- A deployed application on Temps
- A domain you control with access to DNS settings
Step 1: Add the domain in Temps
Domain management in Temps is a two-phase process: first you create the domain and SSL certificate at the platform level, then you assign it to a project.
Create the domain
- Click Domains in the main sidebar (the left navigation bar, not inside a project)
- Click Add Domain in the top-right corner
- A three-step wizard opens:
Step 1 — Domain: Enter your domain name (e.g. app.example.com, example.com, or *.example.com for wildcard).
Step 2 — Challenge: Choose how Let's Encrypt verifies domain ownership:
- Name
HTTP-01 (Recommended)- Type
- Standard domains
- Description
Validates domain ownership by serving a file over HTTP. Requires port 80 to be accessible on your server. Best for single domains — just point your DNS and Temps handles the rest automatically.
- Name
DNS-01- Type
- Wildcards and advanced
- Description
Validates domain ownership via DNS TXT records. Required for wildcard certificates (
*.example.com). Also useful when port 80 is not accessible on your server.
Step 3 — Confirm: Review your configuration and click Create Domain & Start Provisioning.
Assign the domain to a project
After the domain is created, assign it to a project:
- Open your project in the Temps dashboard
- Click Domains in the project sidebar
- Click Add Domain
- Select your domain from the dropdown (it lists all domains created at the platform level)
- Choose the environment (e.g. production, staging)
- Optionally configure a redirect to another domain
- Click Add
Step 2: Configure DNS
Add the required DNS record at your domain registrar or DNS provider. The exact steps depend on your provider.
For subdomains (e.g. app.example.com)
Add a CNAME record or A record pointing to your Temps server:
| Type | Name | Value |
|---|---|---|
| A | app | YOUR_TEMPS_SERVER_IP |
Or using CNAME (if you have a Temps hostname):
| Type | Name | Value |
|---|---|---|
| CNAME | app | your-server.example.com |
For apex domains (e.g. example.com)
Apex domains (no subdomain) require an A record — CNAME records are not allowed at the zone root by DNS standards:
| Type | Name | Value |
|---|---|---|
| A | @ | YOUR_TEMPS_SERVER_IP |
For wildcard domains
Wildcard certificates (*.example.com) require DNS-01 verification. Add a TXT record:
| Type | Name | Value |
|---|---|---|
| TXT | _acme-challenge | (value shown in Temps dashboard) |
If you use Cloudflare as your DNS provider and have Temps configured with Cloudflare integration, DNS records can be managed automatically. Otherwise, add them manually.
Provider-specific instructions
1. Log in to Cloudflare dashboard
2. Select your domain
3. Go to DNS > Records
4. Click "Add record"
5. Type: A (or CNAME for subdomains)
6. Name: your subdomain (e.g. "app") or "@" for apex
7. Content: your Temps server IP
8. Proxy status: DNS only (gray cloud) — disable the orange cloud
(Temps handles TLS itself; Cloudflare proxy would interfere)
9. Click Save
Step 3: Verify DNS
After adding the DNS record, Temps automatically checks DNS propagation across multiple public DNS servers (Google, Cloudflare, Quad9, OpenDNS). You can monitor the domain status on the Domains page in the main sidebar — it shows the current state (challenge_requested, active, etc.) along with certificate renewal and expiration dates.
You can also verify manually:
# Check A record
dig +short app.example.com A
# Check CNAME record
dig +short app.example.com CNAME
# Check TXT record (for DNS-01)
dig +short _acme-challenge.example.com TXT
DNS propagation typically takes 5-30 minutes. Some providers propagate within seconds; others may take up to 48 hours in rare cases. You can use dnschecker.org to monitor propagation worldwide.
Step 4: Provision the certificate
Once DNS verification passes, Temps provisions a TLS certificate from Let's Encrypt automatically:
- Temps creates an ACME order with Let's Encrypt
- Let's Encrypt validates the challenge (HTTP-01 or DNS-01)
- Temps receives the certificate and stores it securely (private key encrypted with AES-256-GCM)
- The proxy starts serving HTTPS for your domain immediately
The domain status changes from challenge_requested to active on the Domains page once the certificate is provisioned. You will also see the certificate renewal and expiration dates.
Certificate renewal
Certificates are valid for 90 days. Temps handles renewal automatically — you do not need to take any action. The renewal process runs before the certificate expires.
Step 5: Verify HTTPS
Open your domain in a browser:
https://app.example.com
You should see:
- A valid TLS certificate (lock icon in the browser)
- Your application loading correctly
- HTTP requests redirected to HTTPS automatically
Test with curl:
# Should return your app
curl -I https://app.example.com
# Should redirect to HTTPS
curl -I http://app.example.com
Multiple domains
You can assign multiple domains to the same project. Create each domain on the Domains page in the main sidebar, then assign them to your project from the project's Domains page. Common patterns:
www and apex
Add both example.com and www.example.com. Both get separate TLS certificates and route to the same application. When assigning to a project, you can configure one as a redirect to the other using the Redirect to option in the domain assignment dialog.
Different domains per environment
| Environment | Domain |
|---|---|
| Production | app.example.com |
| Staging | staging.example.com |
| Preview | preview-branch.your-server.com (auto-assigned) |
Troubleshooting
DNS verification fails
- Double-check the DNS record type (A vs CNAME) and value
- Wait longer — some registrars propagate slowly
- Verify the record with
dig +short your-domain.com A - If using Cloudflare, ensure the proxy is disabled (gray cloud, DNS only)
Certificate provisioning fails
- DNS must be pointing to the Temps server before provisioning
- For DNS-01 challenges, the TXT record must match exactly (copy-paste from the dashboard)
- Check the error message in the domain details — it includes the Let's Encrypt rejection reason
HTTPS works but shows wrong app
- Verify the domain is assigned to the correct project and environment — check the project's Domains page
- If you recently moved the domain between projects, wait for the route table to update
Mixed content warnings
Your application loads resources over HTTP while the page is served over HTTPS. Update hardcoded http:// URLs in your application code or environment variables to use https://.