2 months ago
Hello Railway team,
I have two custom domains in my project that are stuck in certificate provisioning:
- app.sgsseguranca.com.br on service Frontend
- api.sgsseguranca.com.br on service Backend
Current status from Railway:
- verified: true
- syncStatus: ACTIVE
- certificateStatus: CERTIFICATE_STATUS_TYPE_VALIDATING_OWNERSHIP
What I already confirmed:
- DNS is correctly published on the delegated nameservers for sgsseguranca.com.br
- app.sgsseguranca.com.br -> CNAME nhuo6tdq.up.railway.app
- api.sgsseguranca.com.br -> CNAME a11rk00b.up.railway.app
- _railway-verify.app.sgsseguranca.com.br TXT is present with the expected Railway token
- _railway-verify.api.sgsseguranca.com.br TXT is present with the expected Railway token I also removed and recreated both custom domains, but the status remains the same. Browser result:
- both domains return ERR_CERT_COMMON_NAME_INVALID It looks like domain ownership verification has succeeded, but certificate issuance/provisioning is stuck. Could you please check and manually refresh/retrigger certificate provisioning for these domains? Project details:
- Project name: GST
- Environment: production If useful, the current custom domain ids are:
- Frontend: bc4988a1-e466-4715-b2f2-035e0f2d10f9
- Backend: 04b3cbfb-a523-4abc-8009-9346ec39ffca
3 Replies
2 months ago
Both domains have their CNAME records pointing to outdated targets from a previous configuration. For app.sgsseguranca.com.br, your DNS currently points to nhuo6tdq.up.railway.app but the required target is wb3m1z3s.up.railway.app. For api.sgsseguranca.com.br, your DNS currently points to a11rk00b.up.railway.app but the required target is xr1lnq9i.up.railway.app. Updating these CNAME records to the new targets should allow certificate provisioning to complete.
Status changed to Awaiting User Response Railway • about 2 months ago
2 months ago
`I updated both CNAME records as requested:
- app.sgsseguranca.com.br -> wb3m1z3s.up.railway.app
- api.sgsseguranca.com.br -> xr1lnq9i.up.railway.app
The TXT verification records are also still present.
Current status is still:
- verified: true
- syncStatus: ACTIVE
- certificateStatus: CERTIFICATE_STATUS_TYPE_VALIDATING_OWNERSHIP
Both domains still return ERR_CERT_COMMON_NAME_INVALID in the browser.
Could you please manually re-check or retrigger certificate provisioning for these domains?`
Status changed to Awaiting Railway Response Railway • about 2 months ago
2 months ago
Hey,
Sorry about that. We have rolled out a fix for this. Your domains should automatically get issued a certificate. If they don't, please remove and re-add the domain.
Status changed to Awaiting User Response Railway • about 2 months ago
2 months ago
This thread has been marked as solved automatically due to a lack of recent activity. Please re-open this thread or create a new one if you require further assistance. Thank you!
Status changed to Solved Railway • about 2 months ago