21 days ago
Hi, I need urgent help with SSL certificate provisioning for my custom domain.
Service ID: b82ed46e-1ad6-48e6-bb24-2f50b184107e
Project ID: c65a23ce-2bfe-4174-b6c2-5c464f90bd7a
Domain: losfilmsmedia.com
The CNAME is verified VALID, target port is set to 8080, DNS is fully propagated and pointing to Railway. However Railway is still serving the wildcard *.up.railway.app certificate instead of issuing one for losfilmsmedia.com. HTTP (port 80) works and redirects to HTTPS, but HTTPS fails because the SSL cert hasn't been issued.
I have deleted and re-added the domain multiple times. Please force-provision the SSL certificate for this domain.
2 Replies
21 days ago
This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.
Status changed to Open Railway • 21 days ago
21 days ago
The existing answer is probably the key one, but I’d verify it from public DNS, not only from the Railway UI.
From here I don’t see a public TXT record at:
_railway-verify.losfilmsmedia.comand the apex currently resolves to Cloudflare IPs, not an obvious Railway target. If Railway can’t see the ownership TXT, it won’t issue the cert no matter how many times you remove/re-add the domain.
For the apex domain, make sure your DNS setup is one Railway actually supports. Usually that means either:
- use Cloudflare CNAME flattening for the apex, or
- use a subdomain like
www.losfilmsmedia.comas a normal CNAME
Also, if you are using Cloudflare proxy/orange-cloud, I’d switch it to DNS-only while Railway validates and issues the cert.
The check I’d run after changing DNS:
dig +short TXT _railway-verify.losfilmsmedia.com
dig +short CNAME losfilmsmedia.comIf the TXT record shows the Railway token and the domain points to the Railway target/flattened CNAME, then re-add it in Railway. Until that TXT is visible publicly, I wouldn’t expect SSL provisioning to complete.