I can access your domain just fine. It might be a caching issue. Try to access it in an incognito tab.

the root domain isnt the issue, its the other services

I'd like to request that you delete the image in this reply

I have been unable to reach anyone from Railway support regarding what I believe to be a Railway bug. I do not wish to share any public information in this open thread but can share domains and app IDs privately.

I have three custom domains where Railway isn't issuing SSL certificates despite correct DNS configuration. Each has a CNAME pointing to the Railway-assigned proxy target. The records are fully propagated and consistent across Google, Cloudflare, and my authoritative nameservers (Namecheap). There are no conflicting A records and no CAA records that would block Let's Encrypt. Two domains are set up identically (single CNAME to a Railway proxy hash) and both have valid Let's Encrypt certs issued on April 22. The three broken domains are configured the same way but Railway is serving the wildcard *.up.railway.app cert instead of issuing domain-specific ones. TLS handshakes fail for any client because the SAN doesn't match. Separately, another service has a valid cert but is returning a 502 Bad Gateway and unverified domain

I am very frustrated that I have not been able to recieve support regarding this and am hopeful to resolve it before migrating to another provider.