Cannot provide let's encrypt certificate even though dns verification succeeds

I’ve been attempting to activate https on my website ( for the past week to no avail. Both and have the Netlify DNS label on them in the custom domain panel, which I believe indicates that my updates to the AWS Route 53 records were correct. Clicking on Verify DNS also results in a successful message.

And yet, when I click Provision certificate, I get an error: We could not provision a Let’s Encrypt certificate for your custom domain.. When I browse, I get an alert from my browser due to an invalid certificate whose common name is *.netlify.

Has anyone else faced a similar issue?

Link to report: SSL Server Test: (Powered by Qualys SSL Labs)

It might be related to SSL certificate mismatch - #3 by visionect

Hi, @bhameyie, and welcome to the Netlify community site.

It appears that you have a Netlify DNS zone for this custom domain here:

However, the DNS zone is inactive and that will prevent us from being able to create or update SSL certificates for this custom domain.

There is more information about how to detect and fix this type of issue in this support guide:

Would you please read the support guide above and try one of the two solutions described there?

If this doesn’t fix the issue, please let us know what steps you tried and what the result was. We will be happy to research what is happening and suggest steps to resolve it.

Thanks a lot @luke! It is working now.

1 Like