3 months ago
Hi team! We're running into an issue with a wildcard domain deployment.
The Setup:
- Root Domain: e-maktab.co.uk (Working perfectly)
- Wildcard Domain: *.e-maktab.co.uk (Returning 525 SSL Handshake Failed via Cloudflare)
- Cloudflare SSL: Set to "Full"
Railway Status: There is a warning icon next to the wildcard domain in the Settings > Domains panel, but no extra info on hover.
The Issue:
Pages behind the wildcard (like our multi-tenant subdomains) are failing the SSL handshake. Our root domain works, but anything on the wildcard doesn't. This started happening after our last deployment.
Questions:
Have there been any recent changes to how wildcard certificates are provisioned or validated?
Could you check if the certificate generation is stuck on the backend for this service?
4 Replies
We just got it fixed. We had to remove the custom domain, configure a new one, and redo it on Cloudflare. Now it works.
3 months ago
I had the same exact thing happen. I think Railway may have missed an if statement in their new "TXT verification for trusted domains" feature (https://railway.com/changelog/2025-02-06-magic-domains).
If anyone is experiencing Cloudflare SSL 525 errors, and you DO NOT have 3 records configured for your custom domain (2 CNAME, 1 TXT), then delete and re-add your custom domain to get the new railway verify TXT record.
2 months ago
Glad it is all solved now. As for why it happened, it is hard to say for sure without the broken domain to look into. Please re-open if it happens again.
Status changed to Solved jr • 2 months ago