Hello everyone,
For pledges.com(ecstatic-poitras-e85564.netlify.app) custom domain apex I cant renew the certificate, it fails with:
SniCertificate::CertificateNonvalidError: Unable to verify challenge for pledges.com: During secondary validation: The key authorization file from the server did not match this challenge
Encountered I should write to support since you can do it manually, could you please handle this?
Thanks!
Hey @ardailgaz
pledges.com is not configured as outlined in the Configure external DNS for a custom domain → Configure an apex domain.
Instead of a single A record pointing to the Netlify load balancer 75.2.60.5 (or ALIAS, ANAME, or flattened CNAME) I see three A records
% dig pledges.com
pledges.com. 3600 IN A 99.83.190.102
pledges.com. 3600 IN A 75.2.60.5
pledges.com. 3600 IN A 75.2.70.75
You will need to remove the other two A records in order for the SSL certificate to renew.