Using Route 53 with Netlify


We can not get (without the www) to work.

My netlify name is:

My custom domain is:


hi there, i just tried this and it is resolving perfectly! could you check again from an incognito window, and maybe a different network? (such as your phone)

I think you are going to

I am talking about (without the www)

yes - it loaded perfectly for me without the www.

You are definitely trying with www. Can you please try with apex domain ( it is unavailable. The apex domain still is marked as pending configuration. You can see in below screenshot:



Yes, I can confirm that there is definitely an error when visiting

Could you take a screenshot of your domain settings in the UI, it would be interesting to know if is redirecting to or visa-versa.



Let me tag @gregraven in this. He’s the DNS master out of us Pilots :wink:

Hang in there… we’ll get this sorted for you in no time :grinning: :netliheart:

Thanks - you guys are awesome - I love the tool.

1 Like

@KidsHub @kylesloper It appears as though there is no A record pointing to the apex domain:

|====================== dig A record(s) for =====================
| ------------------------ ------------------------
| ------------ Netlify's old load balancer: -----------
| -------------- Netlify's new load balancer: -------------
whois: no default whois server

See the documentation here:

We already created A records & pointed to netlify IP address:

@KidsHub OK, that looks better. Have you tried renewing the SSL certificate for this project since you made this change? Keep in mind that DNS changes can take up to 48 hours to propagate, but once this change has propagated, you should be able to renew your certificate, at which point both the apex domain and www subdomain should load as expected.

Is it possible this thread may help us:

Hi, @KidsHub. I do show the SSL working now:

$ curl -svo /dev/null
*   Trying
* Connected to ( port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [227 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [102 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [2274 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [116 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject:
*  start date: Apr 15 20:32:14 2021 GMT
*  expire date: Jul 14 20:32:14 2021 GMT
*  subjectAltName: host "" matched cert's ""
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fdbbc80a200)
> GET / HTTP/2
> Host:
> User-Agent: curl/7.64.1
> Accept: */*
* Connection state changed (MAX_CONCURRENT_STREAMS == 150)!
< HTTP/2 301
< cache-control: public, max-age=0, must-revalidate
< content-length: 41
< content-type: text/plain
< date: Fri, 16 Apr 2021 01:59:00 GMT
< strict-transport-security: max-age=31536000
< age: 3957
< server: Netlify
< location:
< x-nf-request-id: a372120d-8afb-43b0-95d9-13f336ef92b2-17815457
{ [41 bytes data]

However, I’m also seeing the there is an inactive DNS zone here:

I recommend deleting that DNS zone about as you are already correctly using the alternative method - the external DNS instructions. The are the correct DNS record below:		300	IN	A	300	IN	CNAME

So, if you delete the DNS zone above, that is all that is needed. If you are curious about why, there is a support guide that explains this here.

Important!!! → If you don’t delete the inactive Netlify DNS zone, the automatic renewal of this SSL certificate will fail.

If there are other questions or concerns, please let us know.

1 Like