SSL/TLS Handshake Failure — Root Domain Not Working
anthonyjamez12
HOBBYOP

2 months ago

Hey team,

I’ve been setting up my custom domain and running into an SSL/TLS issue with my root domain. When I visit the site, I get:

“This site can’t be reached — domain.com unexpectedly closed the connection (ERR_CONNECTION_CLOSED).”

Here’s what I’ve done so far:

  • Started with Squarespace DNS, but switched to Cloudflare for CNAME flattening support.

  • Updated my nameservers to Cloudflare’s and deleted the old Squarespace ones.

  • Added both my root and subdomain as custom domains in Railway, and created the corresponding CNAME records in Cloudflare (proxy turned on (orange)).

  • My subdomain (https://www.domain.com) works perfectly, but my root domain (https://domain.com) does not.

  • I first configured everything around 1 PM today, waited about 8 hours, then removed and re-added both the custom domain in Railway and the CNAME record in Cloudflare.

  • I redeployed my project afterward, but it didn’t help.

  • Universal SSL and Edge Certificates are both enabled in Cloudflare, and my Bulk Redirects are active. I’ve also set up a bulk redirect so that my subdomain forwards to the root domain.

When I run:

curl.exe -I https://domain.com

I get this error:

curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed

I think the Railway-issued SSL certificate for my root domain might be stuck or still pending, but I’m not completely sure. Is there anything else I should try to fix this?

I’m not very experienced with SSL or networking, so any guidance would be really appreciated.

Thanks a lot,
Anthony

Solved · $10 Bounty
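The curl error in the post above only says that the handshake was never received. A probe like the following reports which stage fails first (DNS, TCP connect, TLS handshake, or certificate validation), so the root and the www name can be compared from the same machine. This is an added example, not part of the original thread or of Railway's or Cloudflare's tooling; `probe_tls` and `closing_listener` are hypothetical names, and the listener is a constructed local stand-in for a server that drops the connection during the handshake.

```python
import socket
import ssl
import threading

def probe_tls(host, port=443, timeout=5.0):
    """Return (stage, detail): the first stage that failed, or "ok"."""
    try:
        info = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return ("dns", str(exc))
    addr = info[0][4][:2]                      # first resolved (ip, port)
    try:
        raw = socket.create_connection(addr, timeout=timeout)
    except OSError as exc:
        return ("tcp", f"{addr[0]}: {exc}")
    ctx = ssl.create_default_context()         # verifies chain and hostname
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return ("ok", f"{addr[0]}: {tls.version()}")
    except ssl.SSLCertVerificationError as exc:
        return ("certificate", f"{addr[0]}: {exc.verify_message}")
    except OSError as exc:                     # EOF, reset or timeout before ServerHello
        return ("handshake", f"{addr[0]}: {type(exc).__name__}")
    finally:
        raw.close()                            # no-op once wrap_socket has taken over

def closing_listener():
    """Constructed stand-in: accepts one TCP connection and closes it at once."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))                 # ephemeral local port
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        conn.close()                           # drop the client before any TLS reply
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Offline demonstration of the "handshake" stage against the stand-in.
    print(probe_tls("127.0.0.1", closing_listener()))
    # Against real names (placeholders from the post), compare both results:
    #   probe_tls("domain.com"); probe_tls("www.domain.com")
```

The detail string includes the IP address that was actually contacted, which is useful when one device succeeds and another fails, since they may be resolving the name to different addresses.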

5 Replies

Railway
BOT

2 months ago

Hey there! We've found the following might help you get unblocked faster:

If you find the answer from one of these, please let us know by solving the thread!


anthonyjamez12
HOBBYOP

2 months ago

I’ve already looked through the other threads mentioned above, but unfortunately they didn’t resolve my issue.

I forgot to mention something that might be important: I originally started with Squarespace’s DNS but switched to Cloudflare because I needed CNAME flattening for my root domain. Right now Cloudflare shows multiple records under the root (@ / domain.com), including CNAME, MX, and TXT types. I recently learned that CNAMEs can’t coexist with other record types on the same root name, so I’m wondering if this could be preventing Railway from verifying the domain and issuing the SSL certificate. I’m not sure if Cloudflare’s CNAME flattening automatically handles this or if I need to adjust the setup manually, but it might be part of the problem. It would make sense since my subdomain works, because it uses (www) instead of (@ / domain.com). But I have my proxy turned on for my root https://domain.com so this wouldn't happen, so I'm still confused.


anthonyjamez12
HOBBYOP

2 months ago

I accidentally clicked “Approve” — the issue still isn’t resolved. It’s strange because the domain works perfectly on my phone (https://domain.com), but it doesn’t load anywhere else — not on my PC or on other people’s phones.


anthonyjamez12
HOBBYOP

2 months ago

And it started working on my phone like 8 hours ago, and it was working right until 5 minutes ago, I have no clue what is going on.


Status changed to Open itsrems about 2 months ago


anthonyjamez12
HOBBYOP

2 months ago

.


Status changed to Solved brody about 2 months ago

