Thanks for this post. In my case for speedlab.ag, both requirements are met as the SSL is expired, but when I click provision certificate on netlify, the window closes and it goes back to “Use let’s encrypt certificate” no matter how many times I try.
The SSL was previously running fine through Netlify and expired 11 days ago. There were no DNS or domain changes. Could you help me in fixing this?
% host speedlab.ag
speedlab.ag has address 75.2.60.5
speedlab.ag has IPv6 address 2a01:488:42:1000:b01c:24a1:ffc3:882a
We do not have an ipv6 load balancer, so that AAAA record: speedlab.ag has IPv6 address 2a01:488:42:1000:b01c:24a1:ffc3:882a is incorrect, points to another service, and will prevent us getting a certificate.
The sites are routing correctly via http, so it appears the DNS is set up correctly, but I’m just getting vague errors when I try to provision the SSL cert. Please let me know what to try.
Assuming your DNS is set up correctly the provisioning sometimes takes a ‘while’ after you set up the custom domain. I would recommend looking now and seeing if has ‘automagically’ fixed itself. The process is not instantaneous, and the UI could use a little polish to reflect that.
Yes, it looks like it’s all set now. In past experiences setting this up, it seemed to be pretty instant, but for some reason these sites took several days. Additionally, the UI showed unspecified errors with the certs, so it was confusing. Anyway, all set now.
Hi, I followed Steps 1 to 3 from the SSL certificate troubleshopting guide to get SSL working for steirerspargel.at.
I have found no errors in the DNS configuration, yet the provisioning of the certificate won’t go through. I serve a few domains via netlify and this is the first one where SSL won’t work.
Any help is highly appreciated
Edit: as @SamO noted below, the issue has resolved itself with time. Thanks!
Hi, I just checked the site name you shared and the cert has been issued already and is working this could have been held up by a propagation issue. If you are still experiencing this problem please let me know.
Hello @fool I have web applications in my account and I pointed one as a subdomain admin.togumeso.com and SSL works but the other application that points to the main domain togumeso.com is still not able to use SSL. Can you help out? @SamO
Hi, first I am not sure if I should create a separate thread or if asking here is fine I’ll try here first
We transferred a domain (the domain is “linattendu04.fr”) to OVH the August 3 changed the default NS for netlify’s NS but we was unable to renew a certificate due to DNSSEC so we turned off DNSSEC in the OVH panel but now we are the August 10 and we still can’t renew cert
I tried to create a cert on my own with certbot with a dns challenge as quickfix until propagation end but let’s enscrypt complain about TXT missing
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: linattendu04.fr
Type: dns
Detail: DNS problem: looking up TXT for _acme-challenge.linattendu04.fr: DNSSEC: DNSKEY Missing
Domain: www.linattendu04.fr
Type: dns
Detail: DNS problem: looking up TXT for _acme-challenge.www.linattendu04.fr: DNSSEC: DNSKEY Missing
even few hours later let’s enscrypt doesn’t found any TXT (I believe in should say value missmatch instead of not found)
other hint :
my web browser is unable to get any IP from DNS over HTTPS for this domain
Hello, I have a problem with the certificate which is kinda strange, I recently switched to different mobile network provider, they upgraded my internet speed and gave me automatically some kind of internet protection for free (trial), anyways I’ve opened one of my projects on my phone and it showed a warring that the about the SSL certificate (screenshot below and also log from firefox browser).
I imediatly stopped the internet protection, but it is still not working. I cannot access my website only when using mobile connection, if I switch to Wi-Fi it is opening without any issues. I’ve tried to renew certificate from Netlify - Domain managment - Https - SSL/TLS certificate - Renew certificate. But It is still not working. Can someone help, please?