HTTPS - SSL/TLS certificate

manudev97 · May 24, 2024, 9:31am

Hi all,
I have a problem with DNS. I have the custom domain emanueledeluca.it and this is the DNS settings on Netlify

In my domain provider, I added the A record with value 75.2.60.5 and the CNAME record with value emanueledeluca.netlify.app like this link.

In section HTTPS/SSL/TLS certificate on Netlify display the error:

We could not provision a Let’s Encrypt certificate for your custom domain.

and I if i click on “Verify DNS Configuration” display the message:

DNS verification was successful. We’re ready to provision a TLS certificate from Let’s Encrypt and install it on our CDN.

but the error persists.

Can you help me, please?
Thank’s

Emanuele

dig · May 24, 2024, 10:52am

If you are using external DNS configuration you should not have the domain configured in Netlify DNS. You must use one of the other, not both.

External DNS configuration requires the addition of an A and CNAME record only.

Netlify DNS requires changing the name servers for the domain.

manudev97 · May 24, 2024, 11:24am

If I use the external DNS, I have to click the button “Delete DNS zone”?

dig · May 24, 2024, 11:36am

Yes you need to delete the DNS zone.

manudev97 · May 24, 2024, 1:15pm

Ok, thank you!
Now I have to wait 24/48 hours?
In Domain management > Production domains, does not show Awaiting External DNS

SamO · May 24, 2024, 2:10pm

propagation can take up to 48 hours to take effect.

manudev97 · May 29, 2024, 4:04pm

I waited more than 48 hours but nothing changed. Any other suggestions?

luke · May 29, 2024, 8:18pm

Hi, @manudev97. You have an AAAA type DNS record that points somewhere that is not Netlify:

emanueledeluca.it.	14400	IN	AAAA	2001:4b78:1001::1501

That record above must be deleted before the Let’s Encrypt SSL provisioning will succeed.

Note, the TTL above is 14400. That is the time to live in seconds and 14400 seconds is four hours. This means that, at most, the deletion of the record will take four hours to complete. If no intermediary DNS resolver has cached that record, however, the deletion will be nearly instantaneous.

After the deletion is complete, you can click the “Verify DNS configuration” button on the SSL settings page to provision SSL at that time. If it doesn’t work, though, please let us know.

manudev97 · May 30, 2024, 11:22am

Hi @luke and thank’s for the answer.
I deleted the record this morning and now I clicked the “Verify DNS configuration” and “Provision certificate” buttons, but it didn’t work.

Melvin · May 30, 2024, 11:43am

Hi @manudev97,

Thanks for following up. Looking at the site now here:

I see that the SSL Certificate has been provisioned about 20 minutes ago. Looks like it just needed a bit more time.

manudev97 · May 30, 2024, 1:26pm

Yes @Melvin!
Thank you all for the support!!

Topic		Replies	Views
Lets Encrypt cert on custom domain does not update from *.netlify.com Support netlify-dns-https-ssl	3	2158	May 4, 2020
[Support Guide] SSL / TLS Certificate Provisioning Support Guides netlify-dns-https-ssl , support-guide	48	23641	September 24, 2024
SSL/TLS certificate for custom domain Support netlify-dns-https-ssl	1	1062	September 17, 2019
Waiting on DNS Propagation Support netlify-dns-https-ssl	1	1461	November 26, 2019
Waiting on dns propagation more than 48h Support netlify-dns-https-ssl	2	1741	July 23, 2020

HTTPS - SSL/TLS certificate

Related topics