Ssl error bad cert domain

Hi, @SS-Cat, and welcome to the Netlify community site. :slight_smile:

There is a community “common issue” topic about this here:

Would you please make the changes discussed there and then try renewing the SSL certificate in the Netlify web UI at “Site Name” > Settings > Domain management > HTTPS?

If that doesn’t resolve the issue, please let us know.

Do I need to add DNS records in Netlify or just add the domain under Domain Management?

Hi @laura or @luke

Could you refresh the certificated on all the sites on my account as well?
Having problem regenerate the sites after redeploy the sites.

mockingbird team and the domains:

Thanks in advance!

I don’t know if this is related, but when I look at the HTTP response headers for my app, I get this: “write EPROTO 140051887118144:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:…/deps/openssl/openssl/ssl/record/rec_layer_s3.c:1407:SSL alert number 40”

My site is

…is this possibly related to the recent Let’s Encrypt bug?

Hi @John_Alm_Martensson! Welcome to netlify community.

Looks like the certs for all 3 sites have been automatically refreshed now. :slight_smile:

Hi @alistairfairweather! Welcome to netlify community.

Your certificate is not working due to the way you have your DNS set up. You’ll want to follow the instructions in this post to get that corrected:

Then you should be all good with SSL!

Hi @mzabriskie!

You’ll need both! But you don’t have to add the DNS records to Netlify if you’d rather keep that elsewhere. You will need to follow the directions here in that case: [Common Issue] Can I host my site on Netlify but keep my DNS at my domain registrar?

That did it, thanks Laura. (The actual issue was slightly more complex - CloudFlare was proxying that domain - but your solution prompted the fix so, thanks)

1 Like


I have the same issue as many have reported here:

The certificate is only valid for the following names: *, 


My domain is
I bought it from somewhere else, though I’ve now directed the nameservers to Netlify’s nameservers.

It seems that the SSL certs need to be updated by someone from the Netlify team. Please do the needful :pray:

Let me know if there is something I can do from my end.

Hi, @rajat404, and welcome to the Netlify community site. :+1: :

The existing SSL certificate only covered the apex/root domain and not the www subdomain.

When this occurs, the solution for this is to click the “Renew certificate” button here to have the additional domain names added:

I did click this button and the certificate has been updated now. If there are other questions or concerns, please let us know.

1 Like

@laura Hi, I am having the same issue for Could you fix that for me please? Thanks a lot!!!

Hi Laura. Thanks for refreshing all my certs without me even asking. My sites are working great. Thanks!

Hey @Timing_Liu,

Have you ensured that you’ve followed the advice in this post first?

HI @laura could you refresh my ssl certs for the following:


Hi, @turtletmusic, I’m seeing the same URL posted twice above. That URL being:

I’m seeing a valid SSL certificate for which was issued 2020-05-20 03:56:59 UTC. There is nothing to update at this time as the certificate covers all configured domain names.

We won’t process a renewal until ten days before this certificate is scheduled to expire. If there are any issues with the renewal, we’ll automatically email you to let you know.

​Please let me know if I’m missing something or if I have misunderstood this request.

Hi @Pie . the website was deployed with mailchimp
the current DNS records are:
A @

The domain I want to set up is, and now the primary domain is

There is no certificate error for but there is an error for
There is no DNS zone on, as shown in the image:

What should I do to remove the ssl error?

Hey @Timing_Liu,

Have you followed the advice given when you select “Check DNS configuration”?

It depends if you’re using Netlify DNS or not. If you are, create a zone and point your name servers to the NS records we provide. If not, you should follow this guide.

hi I’m also facing same issue for Can you please do the same.
Thank you

Hey there @rarchk, I’m not seeing an error for this domain. It’s showing as issued with no warning! :smile:

Hi, I just register a domain alias to my current website.
It says that the certificate is invalid.
Can you help me fix it?