Moving the DNS for a site that is currently in production doesn’t have to be intimidating. The key is to manage the window between the moment the DNS records point to your old host and the moment they point to your new host.
In this article, we will show you the steps to ensure a smooth and uninterrupted migration when you are moving from shared hosting to VPS hosting. It will help you put together your website migration checklist, and we’ll cover each step below.
To start with
We recommend that you read carefully before starting. Ideally, start the installation a few weeks before the launch date.
Start Date: Check the hostname and site to move. Make sure nothing is preventing ‘Let’s Encrypt’ from issuing an SSL certificate for the hostname. Check the TTL for all hostnames. Obtain the certificate without downtime.
First, test the certificate and transfer the DNS records.
Life: Updates DNS records to point to. At the end of the migration, you will receive a ‘Let’s Encrypt’ SSL certificate.
- Check the hostnames and website you want to transfer
Make a note of the hostnames you want to transfer, including the bare domain (for example, example.com) and any subdomains (such as api.example.com and www.example.com). Next on the checklist, get your SSL certificate and make sure it includes every hostname you submit. At this point you can either connect your domain to your website or wait. Don’t worry, that doesn’t mean we will start driving traffic to your website. Your DNS doesn’t point yet, so the hostname is more than just a wildcard and also allows you to test your certificate later.
If you want to be more thorough, enter a test hostname that corresponds to your own certificate, e.g. test.example.com. That way you won’t get any surprises when repeating the process with your production hostname.
- Make sure Let’s Encrypt is not blocked from issuing SSL certificates for your hostname
Some companies, organizations, and universities assign CAA or SOA records to their hostnames, which indicate which SSL certificate authorities can issue certificates. You must verify that your hostname either has no such record or lists Let’s Encrypt as an acceptable certificate authority. Otherwise, we cannot issue you an SSL certificate.
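The CAA check above, worked through as an added example that is not part of the original article: it applies the RFC 8659 lookup (climb from the hostname toward the root, first CAA record set found wins) to decide whether Let’s Encrypt, whose CAA identifier is letsencrypt.org, may issue for each hostname. The function names and the records in `SAMPLE_ZONE` are constructed for illustration; in practice you would fill the table from the output of `dig <hostname> CAA`.

```python
# Added example: RFC 8659 CAA evaluation over constructed records (not real DNS data).
# Records are (flags, tag, value) tuples, e.g. transcribed from `dig example.com CAA`.
KNOWN_TAGS = {"issue", "issuewild", "iodef"}  # assumption: tags the CA understands

# Constructed sample data using the article's example hostnames.
SAMPLE_ZONE = {
    "example.com": [(0, "issue", "digicert.com"),
                    (0, "iodef", "mailto:security@example.com")],
    "api.example.com": [(0, "issue", "letsencrypt.org; validationmethods=http-01")],
    "example.org": [(0, "issue", ";")],  # ";" authorizes no CA at all
}

def relevant_caa_set(name, zone):
    """Climb from the hostname toward the root; the first non-empty CAA RRset wins."""
    labels = name.lower().rstrip(".").split(".")
    if labels[0] == "*":          # a wildcard request is checked at its base name
        labels = labels[1:]
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]))
        if rrset:
            return rrset
    return []

def ca_may_issue(name, zone, ca="letsencrypt.org"):
    """Return True if CAA permits `ca` to issue a certificate for `name`."""
    rrset = [(f, t.lower(), v) for f, t, v in relevant_caa_set(name, zone)]
    # A critical (flag bit 128) property the CA does not understand blocks issuance.
    if any(f & 0x80 and t not in KNOWN_TAGS for f, t, _ in rrset):
        return False
    issue = [v for _, t, v in rrset if t == "issue"]
    issuewild = [v for _, t, v in rrset if t == "issuewild"]
    # issuewild only applies to wildcard names and, when present, overrides issue.
    applicable = issuewild if (name.startswith("*.") and issuewild) else issue
    if not applicable:            # no restricting property: any CA may issue
        return True
    # Compare the issuer domain only; parameters after ";" are ignored here.
    return any(v.split(";")[0].strip().lower() == ca for v in applicable)

def blocked_hostnames(names, zone, ca="letsencrypt.org"):
    """List the hostnames from the migration checklist that `ca` cannot issue for."""
    return [n for n in names if not ca_may_issue(n, zone, ca)]

if __name__ == "__main__":
    checklist = ["example.com", "www.example.com", "api.example.com", "test.example.com"]
    print(blocked_hostnames(checklist, SAMPLE_ZONE))
```

Note that a subdomain with no CAA record of its own inherits the restriction from its parent, which is why www.example.com and test.example.com are blocked in the sample data even though only example.com carries the record.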
- Check the TTL of all hostnames
For each hostname you are moving, you must check the TTL in the hostname’s DNS record. You can find this value using a terminal or Google’s online search tool. TTL is the amount of time a DNS record is stored in the DNS cache before being requested again. A TTL of 3600 means that the record is not requested again for 3600 seconds or 1 hour. When moving a site, you should set a low TTL so that resolvers request the new DNS record (pointing to your new service provider) and drop the old DNS record (pointing to the old server host) as soon as possible. You can do this from the DNS cache.
- See the Support Step-by-Step Guide for more information on this part of the process
You can only get an SSL certificate from ‘Let’s Encrypt’ if your DNS is configured correctly and points to your website. When setting up DNS records, it’s best to let your old records expire at the end of their TTL so that your new records replace them.
However, since there are many caches (e.g. the browser DNS cache), DNS propagation can sometimes take a long time. In the meantime, we still cannot automatically obtain an SSL certificate for you. Therefore, we recommend that you bring your own custom certificate for the site migration: you can configure the certificate for the site before DNS has fully propagated, or even before making the DNS changes, so that your site stays secure during the propagation period. Without a custom certificate, visitors to your site will receive a browser security warning until a Let’s Encrypt certificate is issued.
Where do you get your certificate? There are many providers to choose from, such as DigiCert and Comodo. Regardless of which provider you use, you must create a Certificate Signing Request (CSR) for your own certificate.
Conclusion
With due care and precautions, you can complete your migration. If you want to host your email server on VPS hosting, you can do the same after the migration. Here is an article that can help you.
We hope you now understand how to migrate DNS for a production site. If you have any doubts or questions for us, please share them in the comments section below.