SSL Issue on Subdomain

I’m experiencing an issue with the SSL certificate for my subdomain auth.tailorletter.com, which is configured as an alias for my primary site on Netlify (tailorletter.com).

:small_blue_diamond: What I’ve Tried So Far:

  1. I configured a CNAME record in Netlify DNS pointing auth.tailorletter.com to tailorletter.netlify.app.

  2. I attempted to renew the SSL certificate via the HTTPS/SSL section in the Netlify dashboard.

  3. I verified that the Let’s Encrypt certificate covers *.tailorletter.com.

  4. I’ve performed multiple deployments with adjustments in the netlify.toml file.

:small_blue_diamond: Specific Errors:

  • When accessing https://auth.tailorletter.com, I encounter the error:
    SSL handshake failed: error:1404B410:SSL routines:ST_CONNECT:sslv3 alert handshake failure
  • Browsers display messages such as
    • Safari: “Cannot establish a secure connection
    • Chrome: “The server returned an invalid response.”

:small_blue_diamond: Diagnostic Results from Commands:

  • OpenSSL Command:

    echo | openssl s_client -showcerts -servername auth.tailorletter.com -connect auth.tailorletter.com:443
    
    • Result:
    no peer certificate available
    SSL handshake has read 7 bytes and written 329 bytes
    
  • CURL Command:

    curl -v https://auth.tailorletter.com
    
    • Result:
      SSL routines:ST_CONNECT:sslv3 alert handshake failure

:white_check_mark: Current Configuration:

Primary Site: https://tailorletter.com (SSL works correctly).

Affected Subdomain: https://auth.tailorletter.com (SSL handshake fails).

DNS Settings:

auth.tailorletter.com → CNAME → tailorletter.netlify.app

Proxy in netlify.toml: Traffic for /auth/* is correctly redirected to Supabase (https://supabasealias.supabase.co).

I’m looking forward to your assistance in resolving this issue. Thank you in advance for your help!

It seems to be working fine to me.

In any case, you should not be adding the ALIAs record yourself. Delete that, remove the domain from your site settings an re-add it.