Hi Railway Support Team, I’m currently facing an issue while configuring a wildcard domain on my deployment. **Project:** vibx-app **Domain:** \*.client.digital The TLS certificate generation is लगातार failing with the following error: > “Failed to issue TLS certificate. An internal error occurred. Please retry or contact support.” I’ve already: * Verified the DNS configuration multiple times * Ensured the wildcard record is correctly pointed * Retried the certificate issuance several times However, the issue persists only for the wildcard domain (\*.client.digital). Other domains like `app.vibx.ai` and `admin.vibx.ai` are working fine without any issues. Could you please help me: 1. Identify if there’s any issue with wildcard domain support or validation 2. Confirm if my DNS setup needs any specific configuration for wildcard domains 3. Check if there are any internal issues on Railway’s side affecting TLS issuance Thanks in advance for your support. Best regards, Aakash

Issue with TLS Certificate for Wildcard Domain (*.client.digital)

Anonymous

PROOP

25 days ago

Hi Railway Support Team,

I’m currently facing an issue while configuring a wildcard domain on my deployment.

Project: vibx-app

Domain: *.client.digital

The TLS certificate generation is लगातार failing with the following error:

“Failed to issue TLS certificate. An internal error occurred. Please retry or contact support.”

I’ve already:

Verified the DNS configuration multiple times
Ensured the wildcard record is correctly pointed
Retried the certificate issuance several times

However, the issue persists only for the wildcard domain (*.client.digital). Other domains like app.vibx.ai and admin.vibx.ai are working fine without any issues.

Could you please help me:

Identify if there’s any issue with wildcard domain support or validation
Confirm if my DNS setup needs any specific configuration for wildcard domains
Check if there are any internal issues on Railway’s side affecting TLS issuance

Thanks in advance for your support.

Best regards,

Aakash

$20 Bounty

2 Replies

Status changed to Awaiting Railway Response Railway • 25 days ago

Railway

BOT

25 days ago

This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.

Status changed to Open Railway • 25 days ago

medim

MODERATOR

25 days ago

Have you followed the Wildcard Domains docs page?

medim

Have you followed the [Wildcard Domains docs page](https://docs.railway.com/networking/domains/working-with-domains#wildcard-domains)?

Anonymous

PROOP

24 days ago

Yes

Problem:

Added two custom domains to vibx-app: client.digital and *.client.digital
DNS is configured with two different Railway targets:
- client.digital CNAME → wqrcr8u2.up.railway.app
- *.client.digital CNAME → 5935a20t.up.railway.app
Railway shows *.client.digital stuck in "Certificate Authority is validating challenges"
Service config shows three Railway-generated domains but none match either DNS target

Expected: Both custom domains should resolve to the same Railway endpoint (one service = one endpoint)

Actual: Domains pointing to two different Railway endpoints; certificate validation failing

Request: Please clarify the correct single CNAME target for both client.digital and *.client.digital on vibx-app, or investigate why domain addition assigned mismatched targets.

Welcome!