Skip to main content

Custom Domains

This page explains how to use Traefik Hub with custom domains.


Custom domains allow you to make your Portal or Gateway accessible at your own domain names (for example,

By using custom domains, you connect your API Portal or Gateway directly from Traefik Hub to your infrastructure without using random subdomains under the namespace.


We highly recommend the use of custom domains for production deployments!

Domains generated by Traefik Hub will change with every redeployment, resulting in a new domain.

You can control the generation of domains in the workspace settings.

Configure a Custom Domain

On your DNS provider’s site, add a CNAME record for the DNS-01 challenge and a A record with your custom domain name (for example,


A DNS CNAME (Canonical Name) record is a type of DNS (Domain Name System) record that's used to create an alias or alternative name for a domain or subdomain.

It allows you to associate a domain or subdomain with another domain or subdomain.    CNAME

In the above example, is configured as CNAME of which is needed for the DNS-01 challenge.

DNS A Record

A DNS A (Address) record is a type of DNS (Domain Name System) record that's used to map a domain or subdomain to an IPv4 (Internet Protocol version 4) address.

It associates a domain name with the corresponding IP address, allowing DNS resolvers to translate human-readable domain names into machine-readable IP addresses.

When a DNS lookup is performed for a domain or subdomain with an A record, the DNS resolver queries the authoritative DNS server for the IP address associated with that domain or subdomain.

The DNS server then responds with the IPv4 address specified in the A record.

Here's an example of how an A record looks:    IN A

In this example, the A record maps the domain to the IPv4 address (the external IP of your public load-balancer).

When someone tries to access in a web browser, their computer performs a DNS lookup to find the IP address associated with the domain.

If the A record is properly configured, it will receive the IP address as the response.

Once, you're done, your configuration should look like the following example:    CNAME A

Where is the external IP address of your public load-balancer.

DNS-01 Challenge

Behind the scenes, Traefik Hub uses ACME DNS-01 challenge type to get the certificates for your custom domains.

This challenge asks you to prove that you control the DNS for your domain name.

For better security, Traefik Hub uses CNAME records to delegate the validation to an external domain (no credentials needed, the ACME client will query the DNS system for validation).

  • Please visit the Let’s Encrypt documentation about ACME DNS-01 to learn more.