a month ago
I have deployed a new site and am attempting to attach a domain to it. I am consistently receiving an error, "Failed to issue TLS certificate
An internal error occurred. Please retry or contact support."
I noticed several threads on the discussion board when this first happened (Jan 25)... this one sounds like my exact issue, with an associated support ticket, and is still not resolved: https://station.railway.com/questions/certificate-authority-is-validating-chal-06a0bb87
I am using porkbun.com as the domain manager and have the CNAME record set up as *.sharkwar.studio.
Pinned Solution
a month ago
I figured this out. In this document - https://docs.railway.com/guides/troubleshooting-ssl#certificate-stuck-on-validating-challenges - I read the part about CNAME flattening but I didn't think it applied to me. It does - and it probably applies to most Railway users.
My DNS provider, porkbun.com, supports CNAME flattening. I followed their instructions to add a CNAME flattening ALIAS record ("sharkwar.studio", providing the railway URL as the answer), then changed the CNAME record to "www.sharkwar.studio" (also with the railway URL as the answer). I waited 12 hours for the DNS records to propagate, clicked the Try Again button, and everything worked. For a Django app like mine, remember to add your new domain name to ALLOWED_HOSTS and CSRF_TRUSTED_ORIGINS.
To be honest, I kind of stopped troubleshooting this when I saw the "An internal error occurred" message and noticed a bunch of other posts on the same topic. That error message means something to a developer -- usually that there's a bug in whatever service you're calling. With a more specific error message I likely would have kept digging and arrived at this solution sooner.
6 Replies
a month ago
Following. I have the same issue
a month ago
I would recommend you use Cloudflare's DNS service as they automatically issue TLS/SSL certificates for free.
https://developers.cloudflare.com/dns/zone-setups/full-setup/setup/
a month ago
Can you share the screenshot, showing the CNAME and value provided by railway, and the one which you added in your DNS provider?
a month ago
I figured this out. In this document - https://docs.railway.com/guides/troubleshooting-ssl#certificate-stuck-on-validating-challenges - I read the part about CNAME flattening but I didn't think it applied to me. It does - and it probably applies to most Railway users.
My DNS provider, porkbun.com, supports CNAME flattening. I followed their instructions to add a CNAME flattening ALIAS record ("sharkwar.studio", providing the railway URL as the answer), then changed the CNAME record to "www.sharkwar.studio" (also with the railway URL as the answer). I waited 12 hours for the DNS records to propagate, clicked the Try Again button, and everything worked. For a Django app like mine, remember to add your new domain name to ALLOWED_HOSTS and CSRF_TRUSTED_ORIGINS.
To be honest, I kind of stopped troubleshooting this when I saw the "An internal error occurred" message and noticed a bunch of other posts on the same topic. That error message means something to a developer -- usually that there's a bug in whatever service you're calling. With a more specific error message I likely would have kept digging and arrived at this solution sooner.
Status changed to Solved brody • about 1 month ago