Can I Setup a Custom Domain for My Object Storage?

Can I setup a custom domain for my Object Storage?

Sometimes you may want to use your own custom domain name instead of the rather generic ones provided by default for your S3 compatible Object Storage. The S3 Object Storage is only available via TLS encrypted transport (https) in order to improve security. CNAME resource records only work with unencrypted transport and are not supported without showing up certificate errors.


Basically, you'll need to set up a proxy server that passes requests to the S3 Object Storage system and also provides the TLS certificate. You could use Cloudflare, for example. Please be careful when setting up such a proxy so that it doesn't modify the requests.


How do I setup a custom domain for my Object Storage?

To note the example below assumes you already have your domain set up on Cloudflare.


Also, this only works for publicly shared objects.


  1. First, make sure you have created the bucket and enabled public sharing for the bucket in the Contabo Object Storage panel.

    Note: When public sharing is enabled for a bucket, all objects within the first level of the bucket are automatically publicly shared (even if they are not explicitly shared). However, this is not true for objects in folders inside the bucket. Also enable public sharing for each folder if you want its contents to be publicly accessible.

  2. Take note of the public sharing URL. It contains your unique tenant ID, which you will need later. The URL should look like this: https://eu2.contabostorage.com/5b5de0931f634e9096479dbc6e65b207:bucket.

  3. Login to the Cloudflare Dashboard and select your domain. First, go to the DNS panel first and select Add record. Select CNAME as the type, enter a name of your choice ("objects" in this example) and enter the target. This is the first part of the public sharing URL ("eu2.contabostorage.com"):

    Search DNS records
    The final DNS record should look like this:

    Example DNS record
  4. To avoid infinite redirects, set Cloudflare to SSL mode. In the Cloudflare dashboard, go to Rules → Configuration Rules and select Create Rule. Select "hostname" as the field, "equals" as the operator, and your hostname as the value, "objects.example.com" in our example:
    Example configuration rules
  5. Scroll down to the add SSL setting and set it to "Full":

    Select SSL/TLS encryption mode set to Full
  6. Next, create a rewrite rule to shorten the final URL. Go to Rules → Transform Rules in the Cloudflare dashboard and select Create Transform Rule and Rewrite URL:
    Create transform rule dropdown
    We set the rule to match all requests for the newly added hostname, so we choose "hostname" as the field, "equals" as the operator, and your hostname as the value, which is "objects.example.com" in our example.

  7. Select Rewrite to... as Then... action, make sure it is set to "Dynamic" and enter this:

    concat("/<your unique tenant ID>:<bucket>",http.request.uri.path)

    Setting Rewrite to Dynamic and example
    With this rewrite rule, we don't need to include the tenant ID and bucket name in the URL anymore. Cloudflare will do that for us when proxying the request to the Object Storage. So we went from the original long URL https://eu2.contabostorage.com/5b5de0931f634e9096479dbc6e65b207:bucket/image.jpg to a much shorter one: https://objects.example.com/image.jpg.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article

Modified on Mon, 23 Sep at 12:29 PM

Can’t find what you’re looking for?

Get in Touch

Do you have a pre-sales question?