a month ago
Two custom domains have been stuck at CERTIFICATE_STATUS_TYPE_VALIDATING_OWNERSHIP
for several hours and never progress to ISSUED.
Project: newmark-nla
Project ID: 362a0072-fabb-4d81-b274-2a2d21be6c92
Environment: production
Domains:
- app.newmarkai.com → service: nla-dashboard
- api.newmarkai.com → service: nla-api
What I've verified:
- DNS CNAMEs are correct (both resolve to *.up.railway.app, then Fastly)
- HTTP-01 challenge path is reachable on port 80 (returns 404 for unknown tokens,
as expected)
- letsdebug.net HTTP-01 test returns ok: true for app.newmarkai.com
- Tried deleting and re-adding the domains multiple times — status immediately
returns to VALIDATING_OWNERSHIP but never flips to ISSUED
Has anyone seen this? Is there a way to manually trigger the cert provisioner,
or is this a known Railway infrastructure issue?
Pinned Solution
a month ago
Your CNAME records should be set to what Railway has provided when you added a custom domain in networking settings. They should not be set to the generated public URLs.
Additionally, you need to add TXT records to your domains for the validation to go through.
1 Replies
Status changed to Open Railway • about 1 month ago
a month ago
Your CNAME records should be set to what Railway has provided when you added a custom domain in networking settings. They should not be set to the generated public URLs.
Additionally, you need to add TXT records to your domains for the validation to go through.
Status changed to Solved brody • about 1 month ago