Fly continues to serve expired cert on root domain

Tried searching the docs for a similar issue but found nothing. This was working fine then suddenly I noticed it was failing.

My app is served from

There’s a redirect from to

curl -X GET -i
curl: (60) SSL certificate problem: certificate has expired
More details here:

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

But curl -X GET -i works just fine.

I have certs for both domains.

flyctl certs list
Update available 0.0.350 -> v0.0.420.
Run "flyctl version update" to upgrade.
Host Name                 Added                Status       22 minutes ago       Ready   8 months ago         Ready

Things I’ve tried:

  1. Recreating cert
  2. Restarting app
  3. Re-verifying certs.

Note that I have an identical setup over at and it works just fine.

Any help or insight would be appreciated!

Hi there @Silvio_Gutierrez! It looks like your AAAA (ipv6) records for are pointing somewhere else, not us.

# Bad
$ dig AAAA +short

# Good
$ dig AAAA +short

This is likely the cause of your issue.

1 Like

Thanks! I’ve deleted that record, and imagine you only need CNAME left. The cert has always shown up as verified though, so I’m curious why that would make a difference.