Table of Contents
Using Google Apps (Gsuite) with your Gandi domain
If you choose to prove your domain ownership by adding a TXT record, please see our specific instructions on verifying your domain ownership by TXT entry in your zone file.
Pointing your domain to Google's servers
With Google Apps, you'll need to create a CNAME record if you want to customize a service URL. Here is how your CNAME record would need to look for your domain with a www.
www 10800 IN CNAME ghs.google.com.
If you need help in doing this, please follow our instructions on creating CNAME records.
Using your domain with Google Apps' email
If you want to use Google apps for your email, you need to change the MX records to Google's.
To do this, you first need to create an editable copy of your zone file (if you don't know how, see this procedure).
After following the steps at the procedure linked above to create a new version of your zone file, switch to expert mode. In the “Bind Zone” field you see on the page, delete any Gandi MX records (or CNAME records ending with
mail.gandi.net), such as the following:
@ 10800 IN MX 10 spool.mail.gandi.net. @ 10800 IN MX 50 fb.mail.gandi.net. imap 10800 IN CNAME access.mail.gandi.net. smtp 10800 IN CNAME relay.mail.gandi.net. pop 10800 IN CNAME access.mail.gandi.net. webmail 10800 IN CNAME agent.mail.gandi.net.
Make sure to leave any other entries intact! Only delete the ones in the list above.
You will be replacing them with the following entries (make sure it's exactly the same as below):
@ 3600 IN MX 1 ASPMX.L.GOOGLE.COM. @ 3600 IN MX 3 ALT1.ASPMX.L.GOOGLE.COM. @ 3600 IN MX 3 ALT2.ASPMX.L.GOOGLE.COM. @ 3600 IN MX 5 ASPMX2.GOOGLEMAIL.COM. @ 3600 IN MX 5 ASPMX3.GOOGLEMAIL.COM. @ 3600 IN MX 5 ASPMX4.GOOGLEMAIL.COM. @ 3600 IN MX 5 ASPMX5.GOOGLEMAIL.COM.
Submit the changes. If you are prompted to begin using Gandi's custom DNS, be sure to accept, and don't forget to activate the new version of your zone file.
We also recommend adding the following record in your zone file, to help ensure your emails are not rejected as Spam:
@ 3600 IN TXT v=spf1 include:_spf.google.com ~all
Secure an address on Google App Engine
Google App Engine does not allow for the installation of a Gandi intermediary certificate directly. To compensate for this, and to avoid the displaying of an error to the visitor, it is necessary to combine the certificate provided by Gandi with the intermediate certificate.
After having recovered your SSL certificate from your Gandi interface, you will also need to get the intermediate certificate from Gandi in the PEM format, depending on the type of certificate purchased: http://wiki.gandi.net/fr/ssl/intermediate
You will then need to convert the certificate to text format:
openssl x509 -in GandiStandardSSLCA.pem -text -out GandiStandardSSLCAtxt.crt
and then concatenate the certificates by executing the following command in a terminal:
cat moncertificat-xxxxx.crt GandiStandardSSLCAtxt.crt > moncertificat-bundle.crt
Once these actions have been performed, the concatenated certificates will be present in the 'moncertificat-bundle.crt' file that you can then import from the Google App Engine.