ac011158-e161-4174-a7ac-1559242b4b5b

Would you mind sharing a screenshot of your DNS configuration?

Any update here?

the domain works fine for me

On some networks it doesn't connect properly. It's only for this domain (aibverify.com), we tried it on other domains and it works fine. Conversations with godaddy and Coudflare support told us that the issue is conficting c name and a name records on railway.

below are the errors, let me know if I can clarify anything:

curl -v https://aibverify.com/
Trying 2606:4700:3033::ac43:dd2f:443…
Connected to aibverify.com (2606:4700:3033::ac43:dd2f) port 443 (#0)
ALPN, offering h2
ALPN, offering http/1.1
successfully set certificate verify locations:
CAfile: /etc/ssl/cert.pem
CApath: none
(304) (OUT), TLS handshake, Client hello (1):
error:1404B42E:SSL routines:STCONNECT:tlsv1 alert protocol version Closing connection 0 curl: (35) error:1404B42E:SSL routines:STCONNECT:tlsv1 alert protocol version

openssl s_client -connect aibverify.com:443 -servername aibverify.com
CONNECTED(00000005)

4565309100:error:1400410B:SSL routines:CONNECTCRSRVRHELLO:wrong version number:/AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/libressl/libressl-2.8/ssl/sslpkt.c:386:

no peer certificate available

No client certificate CA names sent

SSL handshake has read 5 bytes and written 0 bytes

New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Start Time: 1731787001
Timeout : 7200 (sec)
Verify return code: 0 (ok)

Hello, just wanted to follow up for anyone that can help, thank you.

there's not much we can help with here as this is not a platform issue but an issue with networking on your side, as previously mentioned, the domain works for me without issue

@Fragly - does it work for you?

yes, works fine for me

Would you be able to help change the a name? I've contacted ISPs, Cloudflare, Go daddy. They've all said its a conflicting c name and a record, and I need to switch the a name

you should not be using an A type to begin with, you need to only be using a CNAME, the cname you where given when you added the domain to railway

This is what I thought as well, but I was told otherwise. It doesn't let me add the a name to cloudflare to begin with, but they said it's because it is misconfigured. Have you ever worked with someone who has had a similar error, where they are unable to access a website through certain Wifis (ISPs) and have been through other?

Thank you for your help. Railway support has been the most repsonsive as opposed to other parties I've been corresponding with.

show me a screenshot of your current dns settings in cloudflare please

Absolutely:

is that the entire list?

Yes

show me the domains in your railway service please

Absolutely:

all looks good to me, there are no issues there, and there are no A types at the root

if the domain doesnt work, than its something to do with the ISP, and theres nothing railway, cloudflare, hostinger, etc can do about that

So we tested that out as well - we changed the domain name to "dealerhedge.com" - all other settings were kept the exact same, and it worked

All the people that were running into the issue likely because of the ISP before, were able to access the same site via dealerhedge.com, but when we switched back to aibverify.com - it stopped working

This is why it's a very confusing error for us

im sorry, i'd love to help, but that is beyond our control

theres no issues on the railway or cloudflare side of things

I understand thank you anyway. Do you know of anybody else we can contact to fix this issue? We've contacted cloudflare, go daddy, and you guys at Railway

your ISP, since this is not an issue with any of the platforms you just mentioned

But it sadly doesn't work on various ISP's not a singular one

Contact all of them?

may i ask where you are located?

NYC, my team is located in Austin, and LA. It works when we switch to mobile data, but doesn't when we use Spectrum/verizon

are you using the default isp dns?

Yep

try not doing that

We can switch our Dns's but will that solve our issue? If we switch our dns's and it works for the three of us, it won't solve the issue for other users who try to log into our website but have the default ISP dns's (exhibit A: my parents, who are in California, have tried to log in and it doesn't work for them, and they don't know what a DNS even is - they will also tell me it's "too complex" if i try to explain it to them)

its a test, while it doesnt fix the issue, it helps you understand the problem

Ok I will test and report back - thanks Brody

can you also define "doesnt work"

This is the error msg

We've checked, and even changed SSL certificate on cloudflare with no luck

It's also a different host of error msges, my team gets this, while I get the above:

hey, could you maybe try disabling Cloudflare's protection? maybe that will narrow down the cause

Totally, we did try that initially, but it's been a while and can try it again

yep, try that, wait a while for the dns cache to go away

do you have Universal SSL enabled?

and then do a curl

Yes Universal

I would enable always use https, but other than that, this isn't a problem with the railway platform