When tring to open website getting this error certification is not valid

I had change my nameserver to the netlify DNS yestarday but i am still getting this error. however, if i turn on my vpn the website work fine

In custom DNS also it show my domain name and says netlify DNS

My website name is rhinospotnkalij.com

  • what is the problem

  • how can i solve this problem

I don’t see the same issue @dilip, your site loads fine with HTTPS.

1 Like

Hi, @dilip. My best guess is that your are not being directed to Netlify until you use your VPN. This is probably because a local DNS resolver has the previous DNS records cached due to the time to live (TTL) values in the previous DNS records (not the current DNS records).

Then, when you use the VPN, it overrides the default DNS resolvers and the new resolvers have the current DNS records. When not using the VPN, the default resolvers are used and they have the cached previous DNS records.

If it is the TTL issue, you must wait for the previous DNS records to expire or otherwise flush the resolver cache in some way. Often the DNS resolver used is the one built into a wifi router and, in those cases, rebooting the router will fix this. If the local resolver is the ISP’s regional resolver (meaning some resolver outside the home or business) then waiting for the TTLs to expire is the only fix.

To know for sure, you can look at the IP address returned when when the VPN is off with this command:

nslookup  rhinospotnkalij.com

If you tell us the IP address returned we can tell you if it is the wrong one or not. The nslookup command sometimes, depending on the OS used, returns the resolver IP address as well. Here is an example:

$ nslookup rhinospotnkalij.com
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
Name:	rhinospotnkalij.com
Address: 138.68.235.89
Name:	rhinospotnkalij.com
Address: 184.72.19.87

Sending us the full output should tell us why it is happening.

Note, we also have a support guide about TTL values and DNS caching here:

2 Likes

sir
this is what i getting sir

That IP address (192.168.1.254) is a private IP address that cannot be reached via the public internet. This means it is a local resolver on your private network.

The IP address it is returning is incorrect and is not the IP address for any system used for our CDN.

This proves that it is an error with that local resolver. To fix that, you will need to troubleshoot that resolver or switch to some other resolver which does not have this error.

If there are other questions about this, please let us know.