Cant get my SSL certificate using my custom domain

Michael_Santos · November 12, 2024, 1:16pm

Hi. So i am having issues after i assigned my custom domain to be redirected to my netlify link. On my custom domain i have an IT guy that manage it, since it manage my entire neverbetter.pt universe, like email, etc, i don’t have access to it. I asked him to change the CNAME record to neverbetter2024.netlify.app, which he did, and checking on whatsmydns.me it is pointing for netlify correctly. i added dns on netlify, on my domain management section, and for days i keep getting error on the certificate, it stay on propagation for days and end up giving me an error, failed to provide the certificate!!
I clear cache, i redeploy, i can access on www.neverbetter.pt but only with a non secure warning message. I need help to fix it asap, please…

netlify link: neverbetter2024.netlify.app
custom domain: neverbetter.pt

i can’t find any log or whatsoever that point me to why my certificate isnt being issued!! all seems good and well configured on my hand…

Melvin · November 12, 2024, 1:43pm

Hi @Michael_Santos,

Thanks for reaching out and welcome to Netlify’s Support Forums!

With Netlify, you’ll either want to use Netlify DNS or External DNS for your productions domains.

I do see that you have a Netlify DNS Zone for neverbetter.pt here:

However, you have amenworld.com name servers configured instead of Netlify’s name servers mentioned here:

dig neverbetter.pt NS +trace | tail -n 6
;; Received 451 bytes from 2a04:6d80::1#53(a.dns.pt) in 118 ms

neverbetter.pt.		900	IN	NS	ns2.amenworld.com.
neverbetter.pt.		900	IN	NS	ns1.amenworld.com.
;; Received 92 bytes from 81.88.63.40#53(ns2.amenworld.com) in 140 ms

I’m also showing, as you mentioned, that you have a CNAME Record configured for the www. subdomain:

host www.neverbetter.pt
www.neverbetter.pt is an alias for neverbetter2024.netlify.app.
neverbetter2024.netlify.app has address 34.234.106.80
neverbetter2024.netlify.app has address 50.19.214.227
neverbetter2024.netlify.app has IPv6 address 2600:1f18:16e:df00::65
neverbetter2024.netlify.app has IPv6 address 2600:1f18:16e:df01::65

If you want to use the Netlify DNS Zone, you’ll need to make it active by using the Netlify name servers. Additionally, you’ll want to remove the CNAME Record that was created for www.neverbetter.pt.

If you don’t want to use Netlify’s name servers, you’ll want to use the External DNS configuration, which means you’ll want to remove the Netlify DNS Zone here, and then create an A Record for neverbetter.pt that points to 75.2.60.5.

You’ll then have an A Record for neverbetter.pt that points to 75.2.60.5 and a CNAME Record for www.neverbetter.pt that points to neverbetter2024.netlify.app.

You can read about inactive DNS Zones, how to detect them and fix there here:

Michael_Santos · November 14, 2024, 9:38am

Thank you so much Melvin, your amazing explanation allowed me to fix the issue that was preventing me from getting the SSL certificate!!

Keep up the amazing work!

charlottechhum · November 14, 2024, 4:52pm

Hi @Michael_Santos . So thrilled Melvin was able to help you! We’ll be here if you need anything else.

Thanks!

Topic		Replies	Views
Issue with custom domain Support netlify-dns-https-ssl	1	418	December 10, 2019
Custom Domain SSL Certificate Problem Support netlify-dns-https-ssl	2	1467	October 1, 2019
Custom Domain and custom SSL not working Support netlify-dns-https-ssl	3	3565	September 10, 2019
SSL Doesn't install Support netlify-dns-https-ssl	8	709	April 3, 2020
Let's Encrypt certificate cannot be provisioned for custom domain Support deployment	3	237	December 12, 2023

Cant get my SSL certificate using my custom domain

Related topics