Custom domain not verified

b11c · June 13, 2025, 8:11am

Hi!

I have created a custom domain, and the A and AAAA records have been altered to the correct IP numbers; however, the certificate still shows as “not verified”, and the domain is unreachable.

Any suggestions how to make it work? Thank you!

lillian · June 13, 2025, 8:14am

can you try running fly certs check?

b11c · June 13, 2025, 8:31am

The certificate for schematalog.com has not been issued yet.

Hostname                  = schematalog.com
DNS Provider              = gtld-servers
Certificate Authority     = Let's Encrypt
Issued                    = 
Added to App              = 4 days ago
Source                    = fly

You are creating a certificate for schematalog.com

lillian · June 13, 2025, 8:44am

your domain’s DNS servers cannot be reached:

$ dig @1.1.1.1 schematalog.com 

; <<>> DiG 9.18.33-1~deb12u2-Debian <<>> @1.1.1.1 schematalog.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 42960
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 22 (No Reachable Authority): (at delegation schematalog.com.)
; EDE: 23 (Network Error): (178.218.175.165:53 rcode=REFUSED for schematalog.com A)
;; QUESTION SECTION:
;schematalog.com.		IN	A

;; Query time: 103 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Fri Jun 13 04:43:55 EDT 2025
;; MSG SIZE  rcvd: 140

b11c · June 13, 2025, 9:00am

I’m getting a different response (the middle section):

$ dig @1.1.1.1 schematalog.com

; <<>> DiG 9.10.6 <<>> @1.1.1.1 schematalog.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 52809
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; OPT=15: 00 16 61 74 20 64 65 6c 65 67 61 74 69 6f 6e 20 73 63 68 65 6d 61 74 61 6c 6f 67 2e 63 6f 6d 2e ("..at delegation schematalog.com.")
; OPT=15: 00 17 31 37 38 2e 32 31 38 2e 31 37 35 2e 31 36 35 3a 35 33 20 72 63 6f 64 65 3d 52 45 46 55 53 45 44 20 66 6f 72 20 73 63 68 65 6d 61 74 61 6c 6f 67 2e 63 6f 6d 20 41 ("..178.218.175.165:53 rcode=REFUSED for schematalog.com A")
;; QUESTION SECTION:
;schematalog.com.		IN	A

;; Query time: 143 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Jun 13 10:58:10 CEST 2025
;; MSG SIZE  rcvd: 140

Ah but it’s still REFUSED…

b11c · June 13, 2025, 10:09am

Thank you @lillian, I managed to resolve it – the issue was with my DNS server.

Topic		Replies	Views
Domain verified but certificate not generated Questions / Help	6	734	June 25, 2021
How to troubleshoot custom domains? Questions / Help	7	1475	December 25, 2022
Certificate validation not working?	16	657	November 16, 2022
Custom domain stopped working, and Certificates ECDSA and RSA not verified Questions / Help certificates	7	35	November 22, 2024
Setting up a custom domain Questions / Help	4	4091	July 2, 2023

Custom domain not verified

Related topics