We had an account with two apps running, each with a custom domain. These were hosting my DEV and PROD systems:
DEV - "dev.rolr.net"
PROD - "rolr.net"
We wanted to install SSL certificates for EACH of these TWO domains, but currently Bluemix has a hard limit of only allowing ONE SSL certificate upload per account. (FYI, it is my understanding that this will soon be changing and that the limit may be lifted to FOUR SSL certificates, so watch out for this, y'all.)
As a temporary solution, I opened up a new, second DEV account (new org: "ROLR DEV") and made the first account our PROD account (new org: "ROLR PROD"). I deleted the DEV app and custom domain from the PROD account and re-created them on the DEV account.
However, when I try to add the DEV custom domain to the new DEV account, I get an error:
> cf create-domain "ROLR DEV" dev.rolr.net
FAILED
Server error, status code: 400, error code: 130001, message: The domain is invalid: name overlapping_domain
The system won't release my deleted domain from the PROD account, even though I have deleted the domain, routes and app associated with the custom domain "dev.rolr.net". (I have also used the cf-command 'cf delete-domain dev.rolr.net -f' to delete the domain from the PROD account, per some other notes here.)
Now our DEV custom domain can be re-added to and deleted from the PROD account successfully, but on DEV the same error 130001 "name overlapping_domain" always occurs.
I would really like to migrate this domain to my new DEV account and secure it with its proper SSL certificate. Can anyone help shed some light on this issue?
Good news, Jim.
You can now upload up to 4 certificates with a paid account. A trial account can now upload 1 certificate.
Answer by jimmcvea (686) | Dec 04, 2014 at 02:45 PM
I can reproduce the same "overlapping_domain" error if I create a subdomain in a secondary account based on a domain which already exists in another account. However, if I flip the order in which I create the domain and subdomain, then it works. For example:
Account_DEV - cf create-domain {orgname} dev.mydomain.com
then
Account_PROD - cf create-domain {orgname} mydomain.com
Once the domains are set across my two accounts, I can create CNAME entries to map to my apps in Bluemix.
There are some caveats to this approach:
1. You shouldn't create an app which results in a 'dev.mydomain.com' route in Account_PROD.
2. If you need to add something like 'prod.mydomain.com' in the future, you'll have to cf delete-route mydomain.com in Account_PROD, create the 'prod.mydomain.com' domain, then recreate 'mydomain.com'.
3. This approach of changing the ordering may be exposing a bug in cloudfoundry. At this time, I can't confirm whether that is or isn't the case -- I call it out in case it doesn't work in the future.
For your scenario, caveat #3 may not be a big concern since it sounds like the multiple account approach is a temporary workaround until multiple certs can be uploaded.
Thanks @jmcvea, these are the solutions I've been looking for.
This worked like a charm. I was able to delete the PROD domain and then add the DEV and then add back the PROD, in that order.
And it makes sense now to understand that since "rolr.net" is registered as a domain, "dev.rolr.net" would be "overlapping" and get rejected as it would be a subdomain of "rolr.net".
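The ordering workaround from the answer above, generalised as an added example (not part of the original thread and not Cloud Foundry's own code). It assumes the rejection rule is "a parent domain already exists in another org", which is only what the posters observed, and plans delete/create steps so that subdomains are created before their parents; the function names are illustrative.

```python
# Model of the behaviour reported in this thread; the overlap rule is an
# assumption drawn from the posts, not Cloud Foundry's validation logic.

def labels(domain):
    return domain.lower().rstrip(".").split(".")

def is_subdomain(child, parent):
    """True if child sits strictly below parent on a label boundary."""
    c, p = labels(child), labels(parent)
    return len(c) > len(p) and c[-len(p):] == p

def would_overlap(existing, org, domain):
    """Assumed rule: creation fails if another org already owns a parent."""
    return any(owner != org and is_subdomain(domain, d)
               for d, owner in existing.items())

def plan(existing, wanted):
    """Return (org, cf command) steps that add `wanted` ({domain: org}).

    Parent domains held by a different org are deleted first and recreated
    last, as in caveat 2 of the answer above.
    """
    blockers = {d: o for d, o in existing.items()
                if any(o != org and is_subdomain(w, d)
                       for w, org in wanted.items())}
    state = {d: o for d, o in existing.items() if d not in blockers}
    steps = [(o, f"cf delete-domain {d} -f") for d, o in blockers.items()]
    todo = {**blockers, **wanted}
    # Deepest names first, so no foreign parent exists at creation time.
    for d in sorted(todo, key=lambda name: (-len(labels(name)), name)):
        org = todo[d]
        if would_overlap(state, org, d):
            raise ValueError(f"{d}: overlapping_domain")
        state[d] = org
        steps.append((org, f'cf create-domain "{org}" {d}'))
    return steps

# Constructed sample mirroring the question: PROD owns rolr.net, DEV wants
# dev.rolr.net.
EXISTING = {"rolr.net": "ROLR PROD"}
WANTED = {"dev.rolr.net": "ROLR DEV"}

if __name__ == "__main__":
    for org, cmd in plan(EXISTING, WANTED):
        print(f"[{org}] {cmd}")
```

Each step is paired with the org whose account it has to be run from, since the delete and the recreate of the parent happen in a different account than the subdomain creation.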
Answer by Duncan M (93) | Dec 01, 2014 at 03:59 PM
I had a similar issue with the domain isimvid.com.
Seems to me that Bluemix makes a distinction between isimvid.com being the "domain" and www.isimvid.com being a mapped route suitable for pointing at an app, but not a true "domain" in its own right.
So my next question is: does Bluemix let you map dev.rolr.net to an app from DEV without complaint, or does it complain that the domain does not exist?
For me, I get an error when trying to CREATE www.isimvid.com, but not when mapping.
No, this doesn't work for me either. My PROD domain is "rolr.net" and the host route that is mapped to the app is "api.rolr.net". I need to add the DEV domain "dev.rolr.net", upload an SSL certificate for that wildcard domain, and map the route "api.dev.rolr.net" to the DEV app.
Maybe try adding api.dev.rolr.net to DEV? Does that work?
No, that results in the same overlapping_domain error:
cf create-domain "ROLR DEV" api.dev.rolr.net
FAILED
Server error, status code: 400, error code: 130001, message: The domain is invalid: name overlapping_domain