I purchased a custom domain from Netlify on November 22nd and immediately applied it to a new website I created. It’s been 3 days and it’s still in the “waiting on dns propagation”
The SSL certificate is working now. The additional delay seems to have been enough to allow things to work right when our system attempted to re-issue the certificate.
Generally, the reason we are unable to provision a complete SSL certificate for your custom domain is that the DNS cache time to live (TTL) value for a record has not had time to expire (from your old settings) before you tried to use it with Netlify. Our SSL provider (https://letsencrypt.org) is unable to create certificates for names that have old cached values still in effect.
Please let me know if things are not working as expected now.