Support Forums

SSL/TLS certificate error for apex domain


I’m having problem setting up the correct SSL/TLS certificate for my apex/root domain.
The certificate for the www subdomain is correct but for the apex/root domain i receive the following SSL error when i do a curl request on the apex domain:
“no alternative certificate subject name matches target host name”.

I then tried to renew the certificate in the admin domain management area but the following error occurs:

My netlify domain is https://ps-fox.netlify.app and my own domain (external dns provider) is psfox.ch
The setup part with the domains looks correctly, no errors in the configuration part.

Did I made something wrong? Can you help me with the setup.

Regards and thank you for your help

Welcome to the forums @mister-green

This AAAA record is possibly the cause

psfox.ch.		300	IN	AAAA	2a00:d70:0:a::166
1 Like

Hi @mister-green,

I see that the A record for psfox.ch points to and the CNAME record for www.psfox.ch points to ps-fox.netlify.app correctly. As @coelmay mentioned, the AAAA record for psfox.ch is the likely cause of the issue. Can you remove that record from your registrar or DNS provider?

Hi @Melvin and @coelmay

Thank you for your help. This IPV6 record was the problem. After I removed the AAAA record i could regenerate the certificate and it’s now valid for both hosts. :smiley: