CNAME record producing SSL cert error

I have a custom domain setup to use Netlify as the DNS provider. While the root of the domain hosts a site, I setup a CNAME record on a subdomain to alias to another site. I can access both the site hosted at the domain root and the site the CNAME record points to via https no problem. However, when I try to access the other site via my subdomain, browsers get upset about cert errors:



The settings for the site hosted at the domain root shows that HTTPS is enabled, though I configured the CNAME record in the “Domains” settings, rather than the “Site > Domain” settings and there doesn’t appear to be anyway to see cert related stuff in the former.

I do see the SSL certificate being returned is for the following domain:

This is the domain this CNAME points to:

$ dig  +noall +answer

; <<>> DiG 9.10.6 <<>> +noall +answer
;; global options: +cmd	3599	IN	CNAME	599	IN	CNAME 599 IN	A 599 IN	A

This SSL certificate is unrelated to Netlify our or services. In other words, we are not the host for the website at

We host the DNS records for that domain (and DNS is working correctly) but we do not host the website that domain is currently pointing to. and do not point to servers controlled by Netlify.

Because we don’t control the web server replying for this domain, we are unable to control the SSL certificate being served there. If you are having issues with the SSL certificate, please contact the administrator of that service or their support helpdesk about this issue.