Netlify DNS Issues with 3rd Party Domain, Duplicate A Records

We recently switched to a new domain name. Both the old domain and the new domain are hosted by a 3rd party registrar, but we use Netlify’s DNS. The new domain is properly pointed to Netlify’s DNS servers. The website seems to be working alright for the most part…

However, under Domain Settings -> SSL/TLS I’m noticing the following message: doesn't appear to be served by Netlify

When I query the DNS using dig I’m noticing that there are two A records associated with the new domain I’m pretty sure this is part of the issue. When I click on Netlify DNS and look at the settings for everything appears to be correct. However, it doesn’t make sense that there would also be the same duplicate DNS settings for

Also, when I use the DNS Checker, it shows that DNS has not fully propagated, even though it’s been over 48 hours:

Thanks, and I appreciate any help regarding this matter.

Hi there! We’ve created this DNS Quickstart guide for this very purpose - to get you up and running as quickly as possible.

Please take a look - we have many resources listed at the bottom, too. And, there are tons of DNS questions you can access through our search! If your problem still persists after reading through all relevant guides, please post again and we will troubleshoot with you.

Thank you for your help. I’ve looked through most of the articles you’ve mentioned, at the bottom of the page. The main issue in this case is: duplicate A records exist for both and

There should only be one A record for each domain/subdomain. I don’t think there should be Netlify DNS settings for both and - only for the primary domain -

Basically, I have two sets of identical A records. How do I remove the Netlify DNS settings from everything except the primary domain? I need to get rid of the duplicate DNS records that are not tied to the primary domain. Thanks again.

Hi, @SeintDev. This actually is not true with our service:

There should only be one A record for each domain/subdomain.

We always return two IP addresses for CDN nodes closest to the source IP address for the DNS lookup.

When I checked the SSL certificate for this site, the error message was for a previous renewal attempt. It is not a current error. It is the last error which occurred (if any) for troubleshooting purposes.

I tested a renewal and it was successful.

To summarize, the duplicate A records are both intentional and working correctly. The SSL certificate renewal also worked correctly the first time I tested.

Regarding delays in DNS changes those are controlled by the time to live (TTL) values of the previous (not the current) DNS records:

If there are other questions or concerns, please let us know.

Thanks for the clarification @luke. I didn’t realize that was how Netlify’s CDN was supposed to work. The DNS propagation looks better today. And yes, I do realize it takes time due to TTLs. I guess I should’ve tried to renew the SSL cert again, just to see if it would work :joy: Thanks again for your prompt response!