Custom domain stuck on “Waiting for DNS update” although DNS is propagated
msvermeire
HOBBYOP

12 days ago

Hello,

I'm having an issue with a custom domain on Railway.

Project:

viabilis-crm

Custom domain:

crm.viabilis.be

The application is running correctly and the deployment is Active.

The DNS has already propagated correctly:

CNAME crm.viabilis.be -> rmlsitg3.up.railway.app

Verified with:

  • Cloudflare (1.1.1.1)
  • Google DNS (8.8.8.8)

However Railway still shows:

"Waiting for DNS update"

and the HTTPS certificate is never issued.

I already:

  • upgraded to the Hobby plan,
  • recreated the custom domain,
  • updated the CNAME,
  • kept the TXT verification record.

Could you please check why the custom domain verification is stuck?

Thank you.

$10 Bounty

3 Replies

Railway
BOT

12 days ago

This thread has been opened as a bounty so the community can help solve it.

Status changed to Open Railway 12 days ago


You have an invalid TXT record set for _railway-verify.crm.viabilis.be. Your TXT is currently: railway-verify=99d9a10c96835c332deb8beb7a..., which appears to be a copied truncated string. You need to copy the entire string, and it should not contain any dots. A valid TXT record should be like this: railway-verify=<64 char string>


msvermeire
HOBBYOP

12 days ago

Thanks! You were absolutely right.

The issue was indeed the TXT verification record. I had copied the truncated value displayed in the UI instead of the full string. Using the copy button provided the complete verification token, which fixed the problem.

Thanks a lot for spotting this and taking the time to help—I really appreciate it!


abdeel57
HOBBY

12 days ago

Your website is ready, but Railway needs to see two special DNS records before it opens the door and creates the HTTPS certificate:

A CNAME record

A TXT verification record

Having only the CNAME is not enough. Both records must match exactly what Railway shows.

STEP 1: Open Railway

-Log in to Railway.

-Open the project: viabilis-crm

-Open the service that is running your CRM.

-Click Settings.

-Scroll to Public Networking.

-Find this domain:

-crm.viabilis.be

-Click it and look for the DNS instructions Railway gives you.

Do not guess the TXT record name or value. Copy it exactly from Railway.

STEP 2: Open your DNS provider

-Go to the place where you manage viabilis.be.

-This may be Cloudflare, GoDaddy, Namecheap, or another domain provider.

-Open the section called something like:

DNS

DNS Records

Manage DNS

Zone Editor

STEP 3: Check the CNAME record

You should have a record like this:

Type: CNAME

Name: crm

Target: rmlsitg3.up.railway.app

Important:The name should normally be only crm, not the full domain.The target must be exactly:rmlsitg3.up.railway.appDelete any other record using crm, such as:A record for crmAAAA record for crmAnother CNAME for crmThere should only be one main record for crm.

STEP 4: Check the TXT record

-Railway gives you a TXT record to prove that you own the domain.

-Create or check the TXT record exactly as Railway shows it.

It may look similar to this:

Type: TXT

Name: _railway-verify.crm

Value: railway-verify=some-long-code

The important rule is:Copy the TXT name and value directly from Railway.Do not use an old TXT code from before you deleted and recreated the domain. Railway may create a new verification code.

STEP 5: If you use Cloudflare

In Cloudflare, find the CNAME record for crm.

Look for the small cloud icon.

Turn it from:

Orange cloud = Proxied

to:

Gray cloud = DNS only

Leave it gray temporarily while Railway checks the domain.

Also go to:

Cloudflare → SSL/TLS → Overview

Choose:

Full

Do not use:

Flexible

Full (Strict)

Railway recommends Full mode, and temporarily disabling the Cloudflare proxy can help when the certificate is stuck.

STEP 6: Go back to Railway

Return to Railway and refresh the domain page.

When Railway sees both records correctly, you should see a green check mark.

After that, Railway automatically creates the HTTPS certificate.

-STEP 7: Turn Cloudflare back on

Once Railway shows the green check mark and HTTPS works:

Return to Cloudflare.

Change the cloud back to orange if you want Cloudflare protection.

Test:

https://crm.viabilis.be


Welcome!

Sign in to your Railway account to join the conversation.

Loading...