2 days ago
Can you please restore/reissue the previous www.coachjoelsway.com certificate key matching "b224060d...97393".
We are having a production outage and this would be the fastest remedy.
Thanks you
12 Replies
2 days ago
This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.
Status changed to Open Railway • 1 day ago
2 days ago
I selected this thread to be private with Railway, why is this being open to the public as a bounty??
2 days ago
Are you still having this issue? Because I can access your website just fine. Try to open it in an incognito tab or use a different device/network, as it might be just a local caching issue.
darseen
Are you still having this issue? Because I can access your website just fine. Try to open it in an incognito tab or use a different device/network, as it might be just a local caching issue.
a day ago
Yes, the backend supports the iOS App version 1.0.0 through 1.3.0 all of which rely on that cert without having to upgrade to the newest ios app version.
joelhill
Yes, the backend supports the iOS App version 1.0.0 through 1.3.0 all of which rely on that cert without having to upgrade to the newest ios app version.
a day ago
You need to add a TXT record to _railway-verify.www.coachjoelsway.com. The certificate for your site will not be renewed unless that record is present.
0x5b62656e5d
You need to add a TXT record to `_railway-verify.www.coachjoelsway.com`. The certificate for your site will not be renewed unless that record is present.
a day ago
I've added the TXT record.
joelhill
I've added the TXT record.
a day ago
The content of the TXT record should be provided by Railway. It should not be your domain.
0x5b62656e5d
The content of the TXT record should be provided by Railway. It should not be your domain.
a day ago
I was not given anything by Railway. Can I find it somewhere?
a day ago
When you add the domain from your dashboard, Railway will display the required CNAME and TXT records for you to add.
If you're adding the domain using the API, you'll be able to get the content for the TXT record under the verificationToken property under status.
0x5b62656e5d
When you add the domain from your dashboard, Railway will display the required CNAME and TXT records for you to add. If you're adding the domain using the API, you'll be able to get the content for the TXT record under the `verificationToken` property under `status`.
19 hours ago
Got it thanks. Here is what I need. Can you restore or reissue the TLS certificate for www.coachjoelsway.com using the previous public/private key that was active before the May 14, 2026 Let’s Encrypt renewal? Older shipped iOS clients pin that public key and currently fail TLS before reaching our backend.
9 hours ago
Don't think that's possible. You'll need to update the TXT record to be the correct value for Railway to issue a certificate. This is to prevent domain hijacking.
0x5b62656e5d
Don't think that's possible. You'll need to update the TXT record to be the correct value for Railway to issue a certificate. This is to prevent domain hijacking.
4 hours ago
Thanks. To clarify, the domain is already validated and Railway has already issued a valid Let’s Encrypt certificate for www.coachjoelsway.com.
The problem is not certificate issuance or domain validation. The problem is that older shipped iOS clients pin the previous public key. After Railway renewed the cert on May 14, the public key changed, so those clients reject TLS before reaching our backend.
Can Railway either:
- restore/reuse the previous private key/public key for www.coachjoelsway.com, or
- confirm that this is not possible on Railway-managed TLS?
If the answer is no, we understand that old pinned clients cannot be recovered through Railway DNS/TXT changes alone.
an hour ago
No, the previous keys cannot be reused. I'd recommend adapting your application to allow the rotation of such keys, as Railway (which relies on LE) will issue a new certificate periodically.