Catch 22? Cannot update DNS until let's encrypt cert renewed & cannot renew cert until DNS updated

Site: quill-interactive

Hi there

We recently migrated our web app (static files) to Netlify whilst simultaneously keeping our old site up & running, allowing us to migrate our clients carefully & gracefully.

Now we have successfully migrated all our clients, our new goal is to ditch the feature switch code/redirects, make our original “cloud” subdomain to point directly at Netlify, and retire the cloudv2 sub domain. This is what we’ve done so far:

We added the domain alias “cloud.quill-interactive.co.uk” to Netlify, which currently shows a status of “check DNS config”.

Before we can change the DNS to a CNAME record aimed at Netlify, we need to ensure the SSL cert in Netlify supports this new subdomain.

But hitting “Renew Certificate” on our let’s encrypt cert, does nothing. It doesn’t throw an error but it doesn’t renew to include our new domain alias. We guess because of its “check DNS config” status.

So it appears that we cannot update our let’s encrypt cert until we update our “cloud” DNS record and vice versa! Catch 22?

How can we get ourselves out of this loop?

Any help much appreciated.

Looks like this has self-resolved, @richardsalt. Likely another case of DNS propagation! Can you confirm all’s good?

Hi Pieparker. Thanks for your response but not sure what you’re suggesting here. Are you suggesting we try to renew the let’s encrypt cert again?

Apologies bud, I misread the question!

Two options, I think. You can either minimise downtime when migrating the main, cloud, subdomain. Alternatively, if you wanted to be super sure, you could go and buy an SSL cert for a few quid/dollars/etc which covers all domains, including the cloud subdomain.