11 days ago
Hi everyone, I have set up a custom domain on Railway Hobby plan but SSL certificate is not being issued. Current status: 
CNAME: app → ikevd4um.up.railway.app (verified on dnschecker.org) 
TXT: _railway-verify.app → verified worldwide on dnschecker.org but Railway still shows warning Steps already tried: - Deleted and re-added custom domain - Clicked 
lightning bolt multiple times - Waited 24+ hours - DNS managed by Bluehost Has anyone faced this issue? How did you resolve it?
Thank you!
Pinned Solution
10 days ago
Railway should automatically detect the changes and issue the certificate within a few minutes, but it may take up to a few hours (rare but happens). If it doesn’t by then, try removing the domain from Railway, wait for ~10-15 mins, then re-add it again. Update DNS records as necessary.
21 Replies
Status changed to Open Railway • 11 days ago
11 days ago
(The lightning bolt is for CDN caching)
Are you able to access the site from your browser?
11 days ago
I had the issue of TXT record showing a warning sign next to it. I solved it by disabling proxied and making it DNS only in cloudflare. Check your DNS records in Bluehost, and see if it has the proxied option.
darseen
I had the issue of TXT record showing a warning sign next to it. I solved it by disabling proxied and making it DNS only in cloudflare. Check your DNS records in Bluehost, and see if it has the proxied option.
11 days ago
You can't proxy TXT records in Cloudflare...
0x5b62656e5d
You can't proxy TXT records in Cloudflare...
11 days ago
I didn't say that! I was referring to the custom domain setup when I said "it". But it could be misunderstood, I guess.
0x5b62656e5d
(The lightning bolt is for CDN caching)Are you able to access the site from your browser?
11 days ago
Great — someone responded!
Answer them:
Yes, the site is accessible via the Railway URL
(web-production-fbca5.up.railway.app) but not via
the custom domain. Getting SSL error when accessing
the custom domain.
darseen
I had the issue of TXT record showing a warning sign next to it. I solved it by disabling proxied and making it DNS only in cloudflare. Check your DNS records in Bluehost, and see if it has the proxied option.
11 days ago
Checked Bluehost DNS records — there is no proxy
option available. DNS is managed directly by Bluehost,
not Cloudflare. Any other suggestions?
11 days ago
Try accessing from an incognito window. Your browser may be caching stale data.
I'm able to access your site just fine.
Attachments
darseen
I didn't say that! I was referring to the custom domain setup when I said "it". But it could be misunderstood, I guess.
11 days ago
My bad haha. Misunderstood what you wrote then.
0x5b62656e5d
Try accessing from an incognito window. Your browser may be caching stale data.I'm able to access your site just fine.
11 days ago
The custom domain is app.liluboutique.com
Getting SSL error when accessing it directly.
0x5b62656e5d
My bad haha. Misunderstood what you wrote then.
11 days ago
Nah you're good, I should've worded it better tbh.
liluboutik-collab
The custom domain is app.liluboutique.comGetting SSL error when accessing it directly.
11 days ago
The content of your TXT record is malformed. Try removing the TXT record, copy what Railway provided, and add it back again.
0x5b62656e5d
The content of your TXT record is malformed. Try removing the TXT record, copy what Railway provided, and add it back again.
11 days ago
Sure! let me try that
Status changed to Awaiting User Response Railway • 11 days ago
liluboutik-collab
Sure! let me try that
10 days ago
Done! Removed and re-added the TXT record with the
exact value from Railway.
Two questions:
1. Should I enable CDN caching for the custom domain?
2. How long should I wait for the TXT to turn green
after re-adding the record?
Thank you for your help!
Status changed to Awaiting Railway Response Railway • 10 days ago
liluboutik-collab
Done! Removed and re-added the TXT record with theexact value from Railway.Two questions:1. Should I enable CDN caching for the custom domain?2. How long should I wait for the TXT to turn greenafter re-adding the record?Thank you for your help!
10 days ago
Did you click the copy button in Railway? Or did you just select the shown text and Ctrl/Cmd + C?
You should be clicking the copy button to the right of the text string.
FYI, your TXT record currently ends with “…” when it shouldn’t.
10 days ago
Update from Bluehost support:
"The DNS records are correctly pointed. The subdomain
app.liluboutique.com is not pointing to Bluehost server
at all.
SSL certificate needs to be activated from
Railway's end."
So the DNS is correct on Bluehost side.
The issue is Railway needs to issue the SSL certificate.
Is there anything I can do on Railway's side to trigger
the SSL certificate generation?
liluboutik-collab
Update from Bluehost support:"The DNS records are correctly pointed. The subdomainapp.liluboutique.com is not pointing to Bluehost serverat all. SSL certificate needs to be activated fromRailway's end."So the DNS is correct on Bluehost side. The issue is Railway needs to issue the SSL certificate.Is there anything I can do on Railway's side to triggerthe SSL certificate generation?
10 days ago
When you provided the TXT record to be added, did it contain “…”?
0x5b62656e5d
When you provided the TXT record to be added, did it contain “…”?
10 days ago
The full TXT value is:
railway-verify=4c1db8d459a738d9b8ae047969dbad22a2273f29185dd19cc6ec2e1d4c046e6d
No "..." - this is the complete value. I copied it
directly from Railway this time.
10 days ago
Railway should automatically detect the changes and issue the certificate within a few minutes, but it may take up to a few hours (rare but happens). If it doesn’t by then, try removing the domain from Railway, wait for ~10-15 mins, then re-add it again. Update DNS records as necessary.
0x5b62656e5d
Railway should automatically detect the changes and issue the certificate within a few minutes, but it may take up to a few hours (rare but happens). If it doesn’t by then, try removing the domain from Railway, wait for ~10-15 mins, then re-add it again. Update DNS records as necessary.
10 days ago
Update: app.liluboutique.com is now accessible!
However it's showing "Not Secure" - SSL certificate
not yet issued.
Is this expected? Will Railway auto-issue the SSL
certificate now that the domain is resolving correctly?
Thank you for all your help! 
10 days ago
The domain app.liluboutique.com is resolving correctly
but http:// is not redirecting to https:// automatically.
Railway URL (web-production-fbca5.up.railway.app) works
fine with HTTPS.
Is there a way to force HTTP → HTTPS redirect for custom
domains on Railway? Or does Railway handle this automatically?
0x5b62656e5d
Railway should automatically detect the changes and issue the certificate within a few minutes, but it may take up to a few hours (rare but happens). If it doesn’t by then, try removing the domain from Railway, wait for ~10-15 mins, then re-add it again. Update DNS records as necessary.
10 days ago
Resolved! 
It was a browser cache issue.
Working perfectly in incognito and after clearing cache.
https://app.liluboutique.com is now live with
full SSL (
green padlock)!
Thank you so much for all your help!
Especially @0x5b62656e5d
Status changed to Solved Railway • 10 days ago