What are HTTPS and SVCB records?
HTTPS and SVCB are DNS record types that help browsers and other applications learn how to connect to a service before the connection starts.
DNS usually tells a browser where a domain points, such as an IP address through an A or AAAA record. HTTPS and SVCB records can provide additional connection details, such as:
- Whether a website supports HTTP/2 or HTTP/3
- Whether the service uses a different port
- Whether there are IPv4 or IPv6 address hints
- Whether the service supports Encrypted ClientHello, also known as ECH
These records do not replace your website hosting, SSL certificate, A record, AAAA record, or CNAME record. They provide extra information that supported browsers and applications may use when connecting to your domain.
Back to top
When to use HTTPS and SVCB records
You may need to create an HTTPS or SVCB record if your web host, DNS provider, CDN, or technical administrator gives you one to add.
Common reasons include:
- Improving HTTP/3 discovery
- Supporting advanced CDN configuration
- Publishing connection details for a web service
- Supporting ECH where available
- Creating service-specific aliasing for supported services
Most Hover customers will not need to create these records unless another provider specifically requires them.
Back to top
HTTPS records
An HTTPS record is used for websites and web services. It provides connection details for HTTPS traffic on a domain or subdomain.
Example:
example.com. 300 IN HTTPS 1 . alpn="h3,h2"In this example:
| Value | What it means |
|---|---|
| example.com. | The domain using the HTTPS record |
| 300 | The TTL, or how long DNS servers may cache the record |
| HTTPS | The DNS record type |
| 1 | The priority |
| . | The target, meaning the same domain |
| alpn="h3,h2" | The supported protocols, HTTP/3 and HTTP/2 |
An HTTPS record can also be used as an alias for HTTPS service traffic.
Example:
example.com. 300 IN HTTPS 0 target.example.net.A priority of 0 means the HTTPS service is being pointed to another target name.
SVCB records
An SVCB record, or Service Binding record, is a more general version of the HTTPS record. It can be used by services other than standard website traffic when a provider supports it.
Example:
_service.example.com. 300 IN SVCB 1 service-target.example.net. alpn="h2" port=8443In this example:
| Value | What it means |
|---|---|
| _service.example.com. | The service name |
| 300 | The TTL |
| SVCB | The DNS record type |
| 1 | The priority |
| service-target.example.net. | The service target |
| alpn="h2" | The supported protocol |
| port=8443 | The port used by the service |
SVCB records are typically used for advanced service discovery. If a provider asks you to add one, use the exact values they provide.
Common record values
Your provider may give you one or more of the following values.
| Value | What it does |
|---|---|
| priority | Tells supported clients which record to use first. Lower numbers are preferred. A value of 0 is used for aliasing. |
| target | The hostname where the service is available. A target of . means the same hostname as the record. |
| alpn | Lists supported protocols, such as h3 for HTTP/3 or h2 for HTTP/2. |
| port | Specifies a port other than the default service port. |
| ipv4hint | Provides IPv4 address hints. These do not replace A records. |
| ipv6hint | Provides IPv6 address hints. These do not replace AAAA records. |
| ech | Provides configuration for Encrypted ClientHello, when supported. |
| mandatory | Identifies values that a client must understand before using the record. |
Note: DNS values must be entered exactly as provided by your host, CDN, or service provider. Changing punctuation, spacing, quotation marks, or the target value may prevent the record from working correctly.
Adding HTTPS or SVCB records
To manage DNS records through Hover, your domain must use Hover nameservers. If your domain uses another provider’s nameservers, DNS records must be managed with that provider.
- Sign in to your Hover control panel.
- Select the domain you want to update.
- From the domain’s Overview page, select DNS.
- Select Add a record.
- Choose HTTPS or SVCB from the record type menu.
- Enter the hostname, priority, target, and record values provided by your service provider.
- Save the record.
DNS changes can take time to update across the internet. If the record does not appear immediately, allow time for DNS propagation.
Things to keep in mind
HTTPS and SVCB records are advanced DNS records. Only add them when your provider gives you the exact values.
These records do not create an SSL certificate for your website.
These records do not replace your A, AAAA, CNAME, or MX records.
IPv4 and IPv6 hints are only connection hints. They should not be treated as replacements for A or AAAA records.
If the record is entered incorrectly, supported browsers or applications may have trouble connecting to the service.
If you are unsure what values to use, contact the provider that gave you the HTTPS or SVCB record.
How helpful was this article?
Thanks for your feedback!
Do you still need help? If so please submit a request here.