Can you check its configuration again?

Yeah, looks like I needed to update my DNS records. I did that and now I'm seeing "Certificate Authority is validating challenges" again

According to the linked resource, I see a valid cert. Is that still the case?

I'm facing the exact same issue with my wildcard domain *.ordenly.co.

Important Context: This setup was working perfectly 2 days ago and suddenly started failing. I haven't changed my DNS provider.

The symptoms:

1. Stuck on "Certificate Authority is validating challenges" for 24+ hours.

2. Eventually fails with "Failed to issue TLS certificate" (Internal Error).

3. Retrying puts it back in the infinite validation loop.

My Configuration (Verified):

• DNS Records: Validated CNAME for both wildcard (*) and _acme-challenge. Both point to the correct Railway target provided (uyofr105...).

• Cloudflare Settings: _acme-challenge is strictly set to DNS Only (Grey Cloud). Universal SSL is Enabled.

• Troubleshooting tried: I have already tried deleting the domain, waiting, and re-adding it to force a reset, but the issue persists.

It seems like the internal validation process is hanging indefinitely. Could you please check the logs for *.ordenly.co?

No, I'm still having the same issue

Yeah this is pretty much exactly what I'm dealing with

Hello!

We're acknowledging your issue and attaching a ticket to this thread.

We don't have an ETA for it, but, our engineering team will take a look and you will be updated as we update the ticket.

Please reply to this thread if you have any questions!

🛠️ The ticket SSL Certificate Validation has been marked as triage.

Noted, I am going to be raising this up to the team to see what might have went wrong. I apologize for the impact.

Any updates on this? I'm at about a week of my site being down now : (

I have the same issue on a new site I am creating. Can I get added to receive updates on the ticket?

Can y'all make your own threads for this? Would be able to track the issues individually better!

Since this is originally my thread would you like me to open a new one as well?

Nope if you're the OP use this!

Almost two weeks now of my website being down. Are there any updates?

Hello!

We're acknowledging your issue and attaching a ticket to this thread.

We don't have an ETA for it, but, our engineering team will take a look and you will be updated as we update the ticket.

Please reply to this thread if you have any questions!

Hey there, sorry for the trouble with your certificate!

Your DNS records for *.voidkandy.space are pointing to an outdated target. You'll need to update them to match the current values shown in your Railway dashboard.

Specifically, update your CNAME record to point to qzgyoke7.railway.internal (instead of the old mrbury9f value). Once that propagates, the certificate should validate automatically.

Let us know if you run into any issues after updating.

Okay, I've updated my records accordingly. I will let you know what happens :)

Groundhog day was recently, and I imagine you might feel like you are living the movie. I see you are stuck again on "Certificate Authority is validating challenges". Could you try the troubleshooting steps at https://docs.railway.com/guides/troubleshooting-ssl#certificate-stuck-on-validating-challenges one more time? Particularly, if you have not tried removing and re-adding. Just try it once and if does not succeed we'll investigate further.

Thanks so much for your patience.

It looks like there are some issues according to https://dnsviz.net/d/www.voidkandy.space/dnssec/

I have no idea how to address these

Hi team, I'm following up here because it's been 6 days since I opened my separate thread as requested, and my production site (*.ordenly.co) has now been down for nearly 3 weeks in total.

This is a multi-tenant SaaS and the 'Certificate Authority is validating challenges' loop is affecting all my customers. I’ve already performed all the troubleshooting steps (DNS-only in Cloudflare, deleting/re-adding the domain).

Could someone please manually check if there is a target mismatch on the backend? Here is my thread: https://station.railway.com/community/certificate-authority-is-validating-chal-c52c3835

It looks like changing my DNS records did not fix anything

I don't know if this is the right thread to request this but I would like a partial refund for this month's subscriptions since my site has been down for the passed 2 weeks

It'd be best to make your own thread for that!

🛠️ The ticket Secure connection setup issue has been marked as todo.

🛠️ The ticket SSL Certificate Validation has been marked as todo.

Hello, we have fixed the underlying issue and the certificate has been issued successfully. Please let us know if you have any questions.

This issue has not been resolved for me. Nothing has changed.

There are stale TXT records on your domain. You will need to ask your NS provider to clear those before we can issue a certificate for the wildcard subdomain.

which records specifically?

The TXT records for the ACME verification.

Thanks I've just cleared those

This issue is fixed on my end thank you!

Awesome, glad you are in a good state now!