Site: thecentralityofsin (Netlify project)
Primary custom domain: thecentralityofsin dot com (www redirects to it)
DNS: Netlify DNS
My site is serving Netlify’s default netlify.app certificate instead of one for my domain, so visitors get a “certificate name mismatch” / “connection is not private” warning. An SSL Labs test confirms the served certificate covers only the netlify.app names, not my domain.
The problem: my SSL/TLS certificate section shows a stale Let’s Encrypt certificate (Created Jan 24, Expired Apr 24) whose Domains line still lists a .org wildcard, the .com, and the .org:
wildcard-dot-thecentralityofsin-dot-org, thecentralityofsin-dot-com, thecentralityofsin-dot-org
I have already removed the .org domain from my project. My Production domains list now contains ONLY:
- the netlify.app subdomain
- thecentralityofsin-dot-com (primary)
- www version (redirects to primary)
There is no .org anywhere in my domain list. But the certificate record still bundles the .org wildcard, and every renewal attempt fails trying to validate that wildcard. The errors shown have been:
Acme::Client::Error::RateLimited: too many failed authorizations (5) for the .com wildcard
and previously:
SniCertificate::CertificateValidationError: Unable to verify challenge for the .com wildcard: DNS problem: NXDOMAIN looking up TXT for the acme-challenge record
Clicking “Renew certificate” just re-fails on the .org wildcard and re-triggers the Let’s Encrypt rate limit. The dashboard no longer shows a Renew button — only “Set custom certificate.”
Request: please delete this stale certificate at your end so a fresh standard Let’s Encrypt certificate can be provisioned for ONLY my .com and its www version. I do not need or want any wildcard or any .org coverage. Thank you.
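
An added example, not part of the original post and not Netlify's code: an offline check that compares a certificate's SAN list with a site's domain list, showing which configured hostnames a served certificate fails to cover (the name-mismatch warning) and which names on a certificate record no longer correspond to any configured domain. The hostnames are constructed placeholders standing in for the post's domains, the SAN lists are assumptions modelled on the post's description, and wildcard matching uses the standard leftmost-label rule.

```python
"""Added diagnostic: compare certificate SANs with a site's configured domains."""

# Constructed sample data (placeholders, not the poster's real values).
SITE_DOMAINS = ["example-site.netlify.app", "example.com", "www.example.com"]
# Assumed shape of the default certificate currently being served.
SERVED_CERT_SANS = ["*.netlify.app", "netlify.app"]
# Shape of the expired record's Domains line as described in the post.
STALE_RECORD_SANS = ["*.example.org", "example.com", "example.org"]


def san_matches(pattern: str, host: str) -> bool:
    """Return True if a SAN entry covers host.

    A leading '*' stands for exactly one leftmost label, so '*.example.org'
    covers 'a.example.org' but not 'example.org' or 'a.b.example.org'.
    """
    p = pattern.lower().rstrip(".")
    h = host.lower().rstrip(".")
    if not p.startswith("*."):
        return p == h
    suffix = p[1:]  # e.g. ".example.org"
    if not h.endswith(suffix) or len(h) <= len(suffix):
        return False
    return "." not in h[: -len(suffix)]


def audit(cert_sans, site_domains):
    """Return (uncovered, stale) for one certificate against one domain list.

    uncovered: configured hostnames that no SAN covers; a browser visiting
               them gets a certificate name mismatch.
    stale:     SAN entries that cover no configured hostname; names still
               bundled on the record although the site no longer uses them.
    """
    uncovered = [d for d in site_domains
                 if not any(san_matches(s, d) for s in cert_sans)]
    stale = [s for s in cert_sans
             if not any(san_matches(s, d) for d in site_domains)]
    return uncovered, stale


if __name__ == "__main__":
    for label, sans in (("served", SERVED_CERT_SANS),
                        ("stale record", STALE_RECORD_SANS)):
        uncovered, stale = audit(sans, SITE_DOMAINS)
        print(f"{label}: uncovered={uncovered} stale={stale}")
```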