Support Forums

CNAME redirect does not load certificate


I did 2 dns redirects with CNAME record, both are redirecting, however one of them says it didn’t load the certificate.

I use dreamhost

My site name: dashboardlog.netlify.app


All of them were made under the domain logsistemas.com.br

This is ok - Open the page and load the certificate correctly

This is not ok - Opens the page but does not load the certificate correctly

My domains on netlify are like this

What did I do wrong or do I still need to do? The settings have been like this for almost 1 week

Thanks in advance

Hi @developerLogSistemas

dashboard.logsistemas.com.br is a sub-domain of logsistemas.com.br.
www.dashboard.logsistemas.com.br is a sub-domain of dashboard.logsistemas.com.br

You don’t need www.dashboard.logsistemas.com.br.

Thanks, i removed www.dashboard redirect, but doesn’t load page anymore

https://dashboard.logsistemas.com.br/ → Loads ok

What should i do?

Hi, @developerLogSistemas. One issue is that there is a inactive DNS zone for this domain here:


We have a support guide about why this blocks SSL provisioning here:

You can see the real name servers for this domain by looking at the WHOIS data:

$ whois logsistemas.com.br | grep -i "nserver"
nserver:      A.DNS.BR 2001:12f8:6:0:0:0:0:10
nserver:      B.DNS.BR 2001:12f8:8:0:0:0:0:10
nserver:      C.DNS.BR 2001:12f8:a:0:0:0:0:10
nserver:      D.DNS.BR 2001:12f8:4:0:0:0:0:10
nserver:      E.DNS.BR 2001:12f8:2:0:0:0:0:10
nserver:      F.DNS.BR 2001:12f8:c:0:0:0:0:10
nserver:     ns1.dreamhost.com
nserver:     ns2.dreamhost.com
nserver:     ns3.dreamhost.com

So, step one is to delete that inactive DNS zone as everything else is working. (You can activate it instead but I’d save that change for another day and just focus on getting SSL working first.)

Next, you do need the www.dashboard CNAME DNS record if you want www.dashboard.logsistemas.com.br. Please note this is optional. While you can point this domain to Netlify you can also just use dashboard.logsistemas.com.br by itself if you want to. Again, it is up to you if you want both to point to Netlify or not. I think @coelmay was only pointing out that this is optional here:

To summarize, there are three requirements:

  1. Delete the DNS zone that is inactive.
  2. Make CNAME DNS records for any (non-apex) domain names that will point to sites at Netlify.
  3. Add the domain names you made the CNAME records for, to the site settings at Netlify (the settings in your screenshots under Site Name > Settings > Domain management > Custom domains).

After that, then click “Renew certificate” at the bottom of the same domain settings page from step three. That should work to update the SSL certificate. If not, please let us know and we will take a closer look.

1 Like

My apologies @developerLogSistemas if my statement was misinterpreted. As @luke points out, I was intending point out that this was not necessary, and is perhaps a little non-standard (e.g. this forum is answers.netlify.com and is not available via www.answers.netlify.com.)


I did the procedures as instructed, however still not loading the ssl.



I deleted the inactive zones as instructed in step 1. In step 3 after adding the domains, it seems to me that the zones were the same as they were before.

Did I do something wrong?