[Support Guide] SSL / TLS Certificate Provisioning

Hi!

My TSL Certificate expired 8 days ago, and have tried to renew it a few times. Domain millasini.net → wedding-wonderland.netlify.app. The error message: millasini.net doesn’t appear to be served by Netlify.

I have not done any updates to the dns configurations and this error occured when certificate was expired.

DNS configuration is not correct for this domain @jfrantila

$ dig millasini.net
millasini.net.		4415	IN	A	75.2.60.5
millasini.net.		4415	IN	A	198.51.44.9
millasini.net.		4415	IN	A	198.51.45.9
millasini.net.		4415	IN	A	198.51.45.73
millasini.net.		4415	IN	A	198.51.44.73

You need to remove all records that have a value starting with 198 so only the first record in the list above remains. Refer to [Support Guide] DNS Quick Start - How to set up DNS for further details.

My domain name has been unable to issue a certificate for a long time, even though its DNS is correct.

netlify.loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo.ong

; <<>> DiG 9.10.6 <<>> netlify.loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo.ong cname
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45380
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;netlify.loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo.ong. IN	CNAME

;; ANSWER SECTION:
netlify.loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo.ong. 299 IN CNAME looong.netlify.app.

Your domain is too long. This is the error:

Acme::Client::Error::BadCSR: Error finalizing order :: CN was longer than 64 bytes

I have the same issue. It’s been provision for days now upstar.co.za. Is there a way for me to restart it?

Hi @upstar! The issue you’re facing is an inactive DNS zone. You currently have external DNS configured alongside a DNS zone at Netlify. You’ll want to read through this support guide for how to resolve that issue and successfully provision an SSL certificate:

Hi Netlify,

I have a domain from Namecheap that I just renewed. I decided to change to using the Netlify DNS (I was previously using Cloudfare DNS). However, when visiting the site, it’s showing as unsecure and that the certificate could not be verified.

I followed the steps from Netlify to enable the Netlify DNS and I have added them to my Namecheap account. Also, Netlify is showing that the domains are using Netlify’s DNS:

My website is abrahamglasser.com.

Thanks in advance!

This appears to be resolved.

I checked again using an incognito browser and checked on a separate device, it’s secure now! Thank you very much - it seems that the systems needed time to propagate, etc.