[Support Guide] Troubleshooting SSL certificate errors

Hey @sbrumby88 ! I just checked your site and it looks like this has been resolved, as I’m not seeing SSL as valid! Sometimes it takes time for all of the records to propagate and our system to recognize them and provision SSL. If you’re still not seeing the same after clearing your cache & cookies, please let us know!

Yes, thank you, that all cleared up!

Hi,
I have set up 3 subdomains for my apps and only one of them has working SSL; the others are unable to get SSL. I have added the nameservers of all 3 apps in my domain registrar. Please check and let me know if I am doing anything wrong.
Do I need to add the NS of all the new apps that I create in Netlify to point to different subdomains?
My domain is suhail.top
Subdomains

Your apex domain suhail.top does not resolve, which is why the CAA lookup fails. Ensure that the apex domain resolves before managing subdomains.

Thanks @hrishikesh, it is now fixed after resolving the apex domain.

Glad to hear you found your solution!

Hi! I click “Provision certificate”, and after that, the page reloads but nothing happens. What am I doing wrong?

Can you provide the domain you are attempting to provision a certificate for?

My domain is theumdenken.com

I’m not seeing any Netlify NS. Are you attempting to use Netlify DNS or external? Please refer to the following documentation: DNS records | Netlify Docs

@Melvin

Hi, can you please help me with SSL certificate provisioning? My domain is skillerdome.com.

Hi @nazimkazim,

Thanks for reaching out and welcome to Netlify’s Support Forums!

I’m not sure what happened, however, I checked the DNS settings and did see that the Netlify name servers were configured so I was able to provision the SSL Certificate. You should be all set. When I visit the domain the proper SSL certificate is shown.

Let us know if you have any issues.

@Melvin thank you so much!

External - theumdenken.com

Hi @AlbinaBlazhko,

Thanks for reaching out!

I believe the issue you may have been having with getting an SSL Certificate is that you have both External DNS and Netlify DNS configured for theumdenken.com.

This can cause issues with getting an SSL certificate provisioned from Let’s Encrypt.

I do see that you’ve added a custom SSL Certificate at this time.

You can read more on how to detect and fix an inactive DNS Zone (which is what happens when you are using a Netlify DNS configuration but not the Netlify name servers):

This guide will lead you through how to detect an inactive DNS Zone, and how to fix the issue.

TLDR, you’ll only want to configure either External DNS or Netlify DNS, not both at the same time.

Hello @Melvin, I’ve seen you helping folks on this thread and I would appreciate a little help! I'm having issues with Netlify provisioning me an SSL cert.

I have 3 records on my GoDaddy account: the CNAME with review-cleanup.netlify.app. and the 2 A records with 99.83.190.102 and 75.2.60.5.

Everything seems to be correct on Netlify's side (see screenshot).

As soon as I try to provision the cert, the error is saying "DNS verification failed" and "We could not provision a Let’s Encrypt certificate for your custom domain."

I can see the site is loading without a cert from the root domain, as you can see here: https://reviewcleanup.com/

I know this is out of the blue, but any help would be appreciated.

Hi @DevOps-Tuck,

Thanks for reaching out!

Looks like you don’t have Netlify DNS properly configured as domaincontrol.com name servers are configured instead of the Netlify name servers mentioned here:

```
dig reviewcleanup.com NS +trace | tail -n 6
;; Received 543 bytes from 2001:502:1ca1::30#53(e.gtld-servers.net) in 47 ms

reviewcleanup.com.	3600	IN	NS	ns63.domaincontrol.com.
reviewcleanup.com.	3600	IN	NS	ns64.domaincontrol.com.
;; Received 98 bytes from 173.201.69.42#53(ns64.domaincontrol.com) in 42 ms
```

I’m also showing that you have configured the bare domain and subdomain for external DNS:

```
host reviewcleanup.com
reviewcleanup.com has address 99.83.190.102
reviewcleanup.com has address 75.2.60.5
reviewcleanup.com mail is handled by 1 aspmx.l.google.com.
reviewcleanup.com mail is handled by 5 alt1.aspmx.l.google.com.
reviewcleanup.com mail is handled by 5 alt2.aspmx.l.google.com.
reviewcleanup.com mail is handled by 10 alt3.aspmx.l.google.com.
reviewcleanup.com mail is handled by 10 alt4.aspmx.l.google.com.
host www.reviewcleanup.com
www.reviewcleanup.com is an alias for review-cleanup.netlify.app.
review-cleanup.netlify.app has address 18.213.222.111
review-cleanup.netlify.app has address 54.161.234.33
review-cleanup.netlify.app has IPv6 address 2600:1f18:2489:8200::c8
review-cleanup.netlify.app has IPv6 address 2600:1f18:2489:8202::c8
```

With Netlify, you’ll want to configure either Netlify DNS or External DNS not both at the same time. Since you have the domaincontrol.com name servers, the DNS Zone is inactive. You can read how to detect and fix inactive DNS Zone here:

TLDR: if you want to use Netlify DNS, you’ll need to use the Netlify name servers mentioned above. You’ll also want to remove the A Record for reviewcleanup.com that points to 75.2.60.5 and the CNAME Record for www.reviewcleanup.com that points to review-cleanup.netlify.app.

If you want to use External DNS, you’ll want to remove the Netlify DNS Zone here:

Let us know if you have any questions.

Hi Melvin,

Huge thanks for your help! I went ahead and changed the name servers as you suggested. Everything seems to be working smoothly now. And I can see the SSL cert as well.

I really appreciate your time and guidance!

Best regards,

Hey @Melvin It’s me again—

Sorry to ask this, but I’m now trying to switch back to GoDaddy DNS. Do I only need these records on GoDaddy?

Can you check the sitename on my Netlify?

@DevOps-Tuck To use external DNS, you’ll want the following records:

| Type | Name | Value |
|---|---|---|
| A | @ | 75.2.60.5 |
| CNAME | www | mysite.netlify.app |
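
The name-server check and the external-DNS record check from the replies above, as an added example that is not part of any post in this thread: two shell functions that classify captured `dig NS` and `host` output. The function names are hypothetical and `netlify-ns.example` is a placeholder suffix standing in for the name servers shown in your own Netlify DNS panel.

```shell
#!/bin/sh
# Added example (not from the thread). Classifies a domain's DNS setup from
# captured `dig NS` and `host` output, the two checks run in the replies above.

# ns_mode DOMAIN NETLIFY_NS_SUFFIX   (dig output on stdin)
# Only NS lines owned by DOMAIN count, so root/TLD lines from +trace are ignored.
# Prints: netlify-dns | external-dns | mixed | no-ns
ns_mode() {
    awk -v d="$1." -v s=".$2." '
        tolower($1) == d && $3 == "IN" && $4 == "NS" {
            n++
            ns = tolower($5)
            # Match the suffix on a label boundary, not as a bare substring.
            if (length(ns) > length(s) && substr(ns, length(ns) - length(s) + 1) == s) m++
        }
        END {
            if (n == 0)      print "no-ns"
            else if (m == n) print "netlify-dns"
            else if (m == 0) print "external-dns"
            else             print "mixed"
        }'
}

# external_records_ok DOMAIN LB_IP   (`host DOMAIN` + `host www.DOMAIN` on stdin)
# Succeeds when the apex has an A record for LB_IP and www is an alias for a
# *.netlify.app name, the two records listed in the thread for external DNS.
external_records_ok() {
    awk -v d="$1" -v ip="$2" '
        $1 == d && $2 == "has" && $3 == "address" && $4 == ip { a = 1 }
        $1 == ("www." d) && $3 == "an" && $4 == "alias" && $6 ~ /\.netlify\.app\.$/ { c = 1 }
        END { exit !(a && c) }'
}

# Sample input taken from the output quoted in the thread.
SAMPLE_DIG='reviewcleanup.com. 3600 IN NS ns63.domaincontrol.com.
reviewcleanup.com. 3600 IN NS ns64.domaincontrol.com.'
SAMPLE_HOST='reviewcleanup.com has address 99.83.190.102
reviewcleanup.com has address 75.2.60.5
www.reviewcleanup.com is an alias for review-cleanup.netlify.app.'

# netlify-ns.example is a placeholder suffix (assumption): substitute the
# name servers shown in your own Netlify DNS panel.
printf '%s\n' "$SAMPLE_DIG" | ns_mode reviewcleanup.com netlify-ns.example
printf '%s\n' "$SAMPLE_HOST" | external_records_ok reviewcleanup.com 75.2.60.5 \
    && echo "external records ok"
```

Against a live domain, pipe `dig +noall +answer DOMAIN NS` into `ns_mode`; an `external-dns` or `mixed` result while a Netlify DNS zone still exists for the domain is the inactive-zone condition described in the replies.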