Ssl error bad cert domain

@laura WOW! That was quick. Thanks a lot.

I just have a question, because I’m one that likes DIY approach. Could I have fixed it by myself? And if so, what is the trick?

Answer to this could give you a relief from further requests. :joy:

If you don’t have more than a single custom domain, you could try removing your custom domain and re-adding it again. I think that should do the trick, though I can’t be sure since we do some stuff manually on our end. Let me know if it works though if you get a chance to try it.

@laura I have the same issue for Can you help fix this?

Hi, @Wilson. I show this SSL certificate configured and working as of 15:00:50 PST (UTC-08:00) today.

The best advice I have is to check the previous DNS records for the domain and check the time to live (TTL) values for those records. Once you know the TTL, wait that number of seconds and then click the “Renew certificate” button for the SSL certificate in our web app for this site.

I say this because it appears it was automatically renewed and clicking the button likely would have worked once any previous DNS records expired (again, as controlled by their TTL values). In other words, you can get a certificate manually instead of waiting for our automated systems to try again when TTL values are the root cause (and they most often are - not always though).

If there are other questions about, please let us know and we’ll happily answer.

@luke I’m having the same SSL cert issue with

Will you please help me fix this?


Heya - you use cloudflare in front of us on your www:

$ host has address has address has IPv6 address 2606:4700:3033::681b:b923 has IPv6 address 2606:4700:3035::681b:b823

…see this article about how to disable then we should be able to get a certificate:

I’ve disabled Cloudfare. Can you please issue a cert for the following sites?

And for each year 2015-2020:

It won’t let me post a link for each year :man_shrugging:

Thank you!

You can add all the names in our UI on the domain settings page, and we’ll get a certificate automatically for the additional names :slight_smile:

Hi! I’m having a problem with my website :
When people try to access this domain, they get a SSL certificate issue (the certificate name “*” is not matching).

What do I need to do?

Thank you!

Hi @Karzam! Welcome to netlify community.

It looks like your certificate was updated yesterday. I tested your site and I am not getting the issue. Are things working as expected now for your other site visitors?

Hi, i’m havind the same problem in my site
i am using cloudflare hostname, and followed steps here in the forum to configure, but apeared this error

Hi, @SS-Cat, and welcome to the Netlify community site. :slight_smile:

There is a community “common issue” topic about this here:

Would you please make the changes discussed there and then try renewing the SSL certificate in the Netlify web UI at “Site Name” > Settings > Domain management > HTTPS?

If that doesn’t resolve the issue, please let us know.

Do I need to add DNS records in Netlify or just add the domain under Domain Management?

Hi @laura or @luke

Could you refresh the certificated on all the sites on my account as well?
Having problem regenerate the sites after redeploy the sites.

mockingbird team and the domains:

Thanks in advance!

I don’t know if this is related, but when I look at the HTTP response headers for my app, I get this: “write EPROTO 140051887118144:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:…/deps/openssl/openssl/ssl/record/rec_layer_s3.c:1407:SSL alert number 40”

My site is

…is this possibly related to the recent Let’s Encrypt bug?

Hi @John_Alm_Martensson! Welcome to netlify community.

Looks like the certs for all 3 sites have been automatically refreshed now. :slight_smile:

Hi @alistairfairweather! Welcome to netlify community.

Your certificate is not working due to the way you have your DNS set up. You’ll want to follow the instructions in this post to get that corrected:

Then you should be all good with SSL!

Hi @mzabriskie!

You’ll need both! But you don’t have to add the DNS records to Netlify if you’d rather keep that elsewhere. You will need to follow the directions here in that case: [Common Issue] Can I host my site on Netlify but keep my DNS at my domain registrar?

That did it, thanks Laura. (The actual issue was slightly more complex - CloudFlare was proxying that domain - but your solution prompted the fix so, thanks)

1 Like


I have the same issue as many have reported here:

The certificate is only valid for the following names: *, 


My domain is
I bought it from somewhere else, though I’ve now directed the nameservers to Netlify’s nameservers.

It seems that the SSL certs need to be updated by someone from the Netlify team. Please do the needful :pray:

Let me know if there is something I can do from my end.