We’re having trouble having a SSL cert issued for a couple of our sites, its
been hanging on
Your certificate for [site] is being issued. Status is Awaiting certificates. Make sure to create another certificate for www.[site] when the current certificate is issued
for a few hours. Is there maybe something wrong on the back end? This was working properly yesterday.
Also experiencing this same issue.
Same issue here. I was able to fix it once by deleting and re-submitting it. Doesn’t work now for another cert… 
Deleting and re-submitting has yet to work for me.
Specifically, here’s what I’m seeing:
I can also confirm DNS records exist and ownership is verified:
Just worked for me. Only thing I can think that I did differently is I added the A and AAAA records instead of going the CNAME route I usually go. Whether or not that made a difference or was just a coincidence is not immediately clear to me.
This worked for me! I still think there are issues with the CNAME somehow, but A records worked.
Glad it worked! 
I’m also having trouble getting a cert.
I created a CNAME record that points to my fly domain, but the cert seems to be stuck:
The certificate for portal-stage.glasswerks.com has not been issued yet.
Hostname = portal-stage.glasswerks.com
DNS Provider = linode
Certificate Authority = Let's Encrypt
Issued =
Added to App = 15 hours ago
Source = fly
Your certificate for portal-stage.glasswerks.com is being issued. Status is Awaiting certificates.
Do I need to do anything to push this along?
Hi thanks for responding. I understand that you decided to use an A record. I’m asking for help getting a cert while using a CNAME record.
Hi folks, we’re taking a look into what’s causing this with some CNAME record registrations. In the meantime using A/AAAA records is working as expected and can be used while we work on a fix
For the DNS challenged like myself who are trying to do subdomain adding, you don’t have to do a top level domain per app, you can just use the app name:
instead of CNAME myapp myapp.xyz.fly.dev
can do A myapp <ip4> and AAAA myapp <ip6>
so if your top level domain is example.com it should now work for myapp.example.com … once the A and AAAA records get picked up.
Thanks everyone for sharing your issue here. I didn’t realize this was happening, i thought I was doing something wrong.
Thanks Sam. I just want to check in on this a few hours later and see if there’s anything I should be doing on my end. Should I re-request the certificate?
This should now be fixed.
An update from Let’s Encrypt to their DNS server (unbound) changed the expectations from our own authoritative DNS server (serving fly.dev.). We’ve modified the DNS responses and it appears to have resolved the issue. Certificates are now being issued properly for CNAMEd hostnames.
Thanks! 
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
please read the post before replying, my dude.