"SniCertificate::CertificateNonvalidError: Unable to verify challenge" with subdomain

I can’t renew my certificate…

Site name: totes-poc-fyi

Custom domain: totes.app

I have a subdomain CNAME (api.totes.app) that points to my external BaaS provider (cloud.appwrite.io)

When I try to renew my certificate in Netlify, I get the error below that mentions that subdomain. But meanwhile, DNSChecker and LetsDebug say everything looks fine with the subdomain.

SniCertificate::CertificateNonvalidError: Unable to verify challenge for api.totes.app: Invalid response from https://api.totes.app/.well-known/acme-challenge/7g72bJnE_a6Rg1ys19mPq54y6CHmBEjxymtKXpLzYok: 404

Thanks for taking a look.

Hi, @ungrok. The error message was from 2023-07-26. For troubleshooting purposes our UI always shows the last error that occurred. I’ve deleted that error message now as it isn’t useful for debugging anymore (since provisioning as long since succeeded).

You won’t be able to refresh the existing SSL certificate until it is less than 30 days before it will expire or unless the list of domain names for the site changes.

As the current SSL certificate won’t expire until October 24th (and because the domains for the site haven’t changed either), you won’t be able to renew that SSL certificate until September 24th. Please also note, the renewal on September 24th will be done automatically and if it fails for any reason we send you an email to let you know (sent to the account owner’s email address).

I hope that helps explain why there was an error message and why the SSL certificate has not renewed yet. If there are other questions or concerns, please let us know.

1 Like