Support Forums

SSL/TLS Certificate Issue

First I want to point out that my custom domain is working great with Netlify!
But I can’t get a SSL/TLS certificate through Netlify for one of my projects. I’ve setup a custom domain for the project. Project API ID: 754dbe21-60f3-4374-b757-f221c1f4feee
Unfortunately I can’t use Netlify DNS, my domain provider does not allow to change the NS.
The domain for my other project is also registered with the same domain provider, I don’t have any issues with the SSL/TLS certificate for that project. Project API ID: 45eb88a2-d24d-4833-87e9-05a94afc6498

In the HTTPS section of “Domain management” a 404 Error was shown while trying to do the DNS challenge to _acme-challenge.mydomain.com.
The CNAME record for _acme-challenge for my working project and for the one with issues look exactly the same.

I was once able to get a certificate for the problematic project, but only for the apex domain, not the www. domain. So I tried again via “renew certificate”. Since then, both domains (apex & www) do not have a valid certificate anymore.
Checking https://httpstatus.io/ for my domain returns the following:

Hostname/IP does not match certificate’s altnames: Host: mydomain.com. is not in the cert’s altnames: DNS:*.netlify.com, DNS:netlify.com

Now I get a rate-limit error from lets encrypt in the HTTPS section, will not try to renew the certificate for now.

Would be really nice if anyone could point me in the direction? I’ve gone through all throubleshooting steps in the documentation.
Thanks! :slight_smile:

I’ve just compared all DNS records for both domains (of the working project and the project with ssl issues) and I found a difference. The domain with certificate issues still has two AAAA records which are not pointing to Netlify. I assume this could cause issues. I’ve deleted the AAAA records for now and will check if that solves the issue. (have to wait for let’s encrypt rate limit)