SSL Certificate Failure for novan.co.jp (DNSSEC issue suspected)

Hello Netlify Support,

I need help with an SSL certificate that continuously fails to provision for my custom domain. I believe this may be a DNSSEC issue.

  • Site Name: regal-brigadeiros-d9bbae
  • Custom Domain: novan.co.jp

Here is a summary of what has happened:

  1. I changed the nameservers at my registrar (Xdomain in Japan) to Netlify DNS on Saturday.
  2. I have waited more than 24 hours.
  3. DNS has fully propagated. The domain correctly resolves to Netlify’s servers, but my browser shows a NET::ERR_CERT_COMMON_NAME_INVALID privacy error.
  4. In the Netlify UI, I have clicked the “Verify DNS configuration” button many times.
  5. At one point today, the UI showed “DNS verification was successful”. However, when I clicked the “Provision certificate” button, it failed and reverted to the “We could not provision a Let’s Encrypt certificate” error.

Based on your documentation, I strongly suspect the root cause is that DNSSEC was enabled at my previous DNS host (Xdomain) and was not disabled before I changed the nameservers.

Could you please check your internal logs to confirm if a DNSSEC validation error is causing the certificate issuance to fail?

If so, please advise on the best next step. If it is another issue, please help me resolve it.

Thank you for your help.

I don’t see any site named regal-brigadeiros-d9bbae. Has it been renamed/deleted?