Cert provisioning error: We could not provision a Let’s Encrypt certificate for your custom domain

swes · July 27, 2020, 8:33am

Hi there

Seems there’s a few posts on this topic but I haven’t been able to resolve the issue via the suggestions in those posts.

The Netlify site name is: distracted-joliot-4d79a6

And the custom domain is: socialworkemploymentservices.co.uk

Thanks in advance

jen · July 29, 2020, 11:11pm

Hey @swes and welcome
It looks like when Let’s Encrypt was trying to verify your domain to issue the cert, it worked for the bare domain (socialworkemploymentservices.co.uk/) but not the www address (www.socialworkemploymentservices.co.uk/). If you’re interested, you can see the record here:
https://acme-v02.api.letsencrypt.org/acme/order/54403714/4336079783

So a few suggestions:

Since you’re not using Netlify DNS, then we recommend making the www your primary domain, with the bare domain automatically redirecting to www. You currently have this swapped. Here’s an article about why we suggest that but the main point is to take full advantage of our CDN so your visitors experience the best possible site performance:

You currently have two A records pointing to our load balancer. If you follow the recommendation above, then you’ll keep the A record pointing socialworkemploymentservices.co.uk to our load balancer. But you’ll change the other DNS record to be a CNAME pointing to distracted-joliot-4d79a6.

After you’ve done those, issuing an SSL certificate should go better. You can either try renewing in the UI (not too many times though!) or come back and let us know when that’s done and we can manually try to issue you a cert. Let us know if you have any questions about this!

swes · August 4, 2020, 8:24am

@jen thanks so much for coming back to me. That has done the job!