Support Forums

TLS cert invalid on apex domain, valid on www

Netlify site: https://www.radstarter.io works https://radstarter.io doesn’t work. I’m using an A record on the load balancer: for the apex domain.

Hi, @drat3. The root cause in this case is that there is an inactive Netlify DNS zone here:


We have a support guide about why this causes SSL provisioning issues here:

If you delete that DNS zone first, the “Renew certificate” button on the domain settings and SSL page (Site Name > Settings > Domain management > Custom domains) should update the certificate to include both the www subdomain and the apex domain (radstarter.io). Right now the SSL certificate only includes www and we cannot update it because of the inactive DNS zone.

If there are any questions or if that doesn’t resolve the issue, please let us know.

So I just have to press the button in the danger zone that says “Delete DNS Zone” ?

Yes, if you are deleting it, that is all that is required to do so. You can also activate it instead if you prefer but I’d personally recommend deleting it in this case.