For pledges.com(ecstatic-poitras-e85564.netlify.app) custom domain apex I cant renew the certificate, it fails with:
SniCertificate::CertificateNonvalidError: Unable to verify challenge for pledges.com: During secondary validation: The key authorization file from the server did not match this challenge
Encountered I should write to support since you can do it manually, could you please handle this?
pledges.com is not configured as outlined in the Configure external DNS for a custom domain → Configure an apex domain.
Instead of a single A record pointing to the Netlify load balancer
18.104.22.168 (or ALIAS, ANAME, or flattened CNAME) I see three A records
% dig pledges.com
pledges.com. 3600 IN A 22.214.171.124
pledges.com. 3600 IN A 126.96.36.199
pledges.com. 3600 IN A 188.8.131.52
You will need to remove the other two A records in order for the SSL certificate to renew.