SSL Certificate Not Provisioning for Custom Domain dash.linkllo.com
vthapan29-cloud
HOBBYOP

a month ago

Hello Railway Support,

I am experiencing an SSL provisioning issue for my custom subdomain:

Domain: dash.linkllo.com

DNS configuration:

CNAME:

dash -> pz5kzx46.up.railway.app

TXT:

_railway-verify.dash -> railway-verification token

The domain verification succeeds, but the SSL certificate is never issued.

Troubleshooting already performed:

Removed and re-added the domain multiple times

Verified CNAME and TXT records

Waited for DNS propagation

Tested in Incognito mode

Connected through Cloudflare

Confirmed DNS records are resolving correctly

Could you please check the certificate provisioning logs for this domain and verify whether the SSL issuance process is stuck on Railway's side?

Project:

linkllo.com

Affected domain:

dash.linkllo.com

Thank you.

Screenshot 2026-06-09 at 12.05.20 PM.png

Screenshot 2026-06-09 at 12.15.16 PM.png

Screenshot 2026-06-09 at 12.10.44 PM.png

$10 Bounty

7 Replies

Railway
BOT

a month ago

This thread has been opened as a bounty so the community can help solve it.

Status changed to Open Railway 28 days ago


I can access your domain just fine. It might be just a caching issue. I suggest you access it from an incognito tab, or use a different network.


itztrmin
FREETop 10% Contributor

a month ago

it's not a caching issue. the error is NET::ERR_CERT_COMMON_NAME_INVALID which means the ssl cert was never issued for dash.linkllo.com, railway just never provisioned it.

the dns and TXT verification look correct from your screenshots. this is railway's cert provisioning being stuck on their side. you need to contact railway support directly and ask them to manually trigger cert issuance for dash.linkllo.com — removing and re-adding the domain won't fix it if the ACME order is wedged


vthapan29-cloud
HOBBYOP

a month ago

Thank you for the response.

I have already tested the domain using:

  • Incognito mode
  • Multiple browsers
  • Different internet connections
  • VPN from different locations

The issue persists and the domain is still inaccessible due to SSL validation errors.

Also, in Railway's custom domain configuration, the CNAME record for dash.linkllo.com is showing a warning icon (⚠️) next to it, while the TXT verification record shows as verified.

Could someone from the Railway team please clarify what this warning icon indicates?

Domain: dash.linkllo.com

The DNS records currently configured are:

CNAME:

dash → pz5kzx46.up.railway.app

TXT:

_railway-verify.dash → railway-verification token

Could you please check whether:

  1. The ACME/Let's Encrypt certificate order is stuck.
  2. SSL certificate provisioning failed internally.
  3. The warning icon on the CNAME record indicates a validation issue on Railway's side.

If necessary, could the SSL issuance process be manually re-triggered?

Thank you.

Screenshot 2026-06-09 at 7.27.15 PM.png

Attachments


vthapan29-cloud

Thank you for the response. I have already tested the domain using: * Incognito mode * Multiple browsers * Different internet connections * VPN from different locations The issue persists and the domain is still inaccessible due to SSL validation errors. Also, in Railway's custom domain configuration, the CNAME record for `dash.linkllo.com` is showing a warning icon (⚠️) next to it, while the TXT verification record shows as verified. Could someone from the Railway team please clarify what this warning icon indicates? Domain: dash.linkllo.com The DNS records currently configured are: CNAME: dash → pz5kzx46.up.railway.app TXT: _railway-verify.dash → railway-verification token Could you please check whether: 1. The ACME/Let's Encrypt certificate order is stuck. 2. SSL certificate provisioning failed internally. 3. The warning icon on the CNAME record indicates a validation issue on Railway's side. If necessary, could the SSL issuance process be manually re-triggered? Thank you. ![Screenshot 2026-06-09 at 7.27.15 PM.png](https://station-server.railway.com/attachments/att_01ktpbbm4qecxvbfgwa82zqz8c)

itztrmin
FREETop 10% Contributor

a month ago

the warning icon on the CNAME confirms it — railway hasn't validated that domain yet on their side. your dns is fine, this is 100% a stuck ACME order on railway's backend. only railway support can fix this, no amount of removing/re-adding will clear it. when you contact them give them the domain id from your project settings so they can look it up directly


vthapan29-cloud
HOBBYOP

a month ago

Resolved. The issue was on Cloudflare's side — SSL mode was set to Flexible instead of Full. After changing it to Full (Strict), the certificate provisioned successfully.


vthapan29-cloud
HOBBYOP

a month ago

This bounty was added by mistake — this is my own support thread. Please ignore the bounty. I will contact Railway support directly with the Domain ID to resolve the stuck ACME order.


vthapan29-cloud
HOBBYOP

a month ago

Please delete my bounty post — it was added by mistake. Thread: https://station.railway.com/questions/ssl-certificate-not-provisioning-for-cus-fd48c030


Welcome!

Sign in to your Railway account to join the conversation.

Loading...