a month ago
Custom domain: is present
DNS appears correct:
CNAME is present
TXT is present.
The service briefly reached “Issuing TLS certificate” / “Fetching issued certificate” but then failed with:
“Failed to issue TLS certificate. An internal error occurred.”
Please retry/reissue the certificate from Railway’s side.
3 Replies
a month ago
This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.
Status changed to Open Railway • about 1 month ago
a month ago
If the CNAME and TXT are both correct, and Railway already advanced to “Issuing TLS certificate” / “Fetching issued certificate” before failing with “internal error”, this is usually no longer a DNS-formatting issue but a certificate issuance/provisioning failure on the Railway / upstream CA side.
A few concrete checks before retrying:
- confirm there is no conflicting
A/AAAArecord on the same hostname - if using Cloudflare proxy, set SSL/TLS mode to
Full(notFull (Strict)) - check for restrictive
CAArecords and brokenDNSSEC, since Railway docs call those out as common causes of certificate validation failures
a month ago
Try removing the domain from Railway then add it back after ~10-15 mins.
a month ago
The DNS configuration itself appears correct:
- CNAME record is present
- TXT verification record is present
- Railway detected the domain and attempted certificate issuance
The key detail is that the domain progressed to:
- “Issuing TLS certificate”
- “Fetching issued certificate”
before failing with:
“Failed to issue TLS certificate. An internal error occurred.”
That usually indicates the DNS validation phase already succeeded and the failure is occurring during Railway’s internal certificate provisioning process rather than from an incorrect DNS setup.
At this point, this likely requires Railway to retry/reissue the TLS certificate from their side or investigate the certificate provisioning backend for this domain.