Custom domain not working, HTTPS encrypt got stuck

Hi, I’m using a custom domain. Setup was quite easy and my custom domain provider now has the DNS directing to the right netlify nameservers. My custom domain was working for a week, but now suddenly stopped redirecting to my default netlify subdomain (dedatarunner.netlify.com), causing the error “site not found”. However, my netlify subdomain is working and showing the correct content.

Furthermore, the HTTPS automatic encryption was not working and got stuck in the same message about my subdomain and DNS certification failed. But all nameservers are pointing at the netlify nameservers. Any ideas what I should do next to make my page available again and start using https certificates? Kind regards.

Hi, @mbschriek. I’m showing that the custom domain configured here is using DNSSEC.

Netlify DNS doesn’t support DNSSEC so DNS queries are failing for this reason.

There two possible solutions:

  • change the name server (NS records) for this domain back to their original settings - in other words not using Netlify DNS
  • disabling DNSSEC for this domain (which is done at the domain registrar - not Netlify)

Please let us know if there are any questions about either solution.

Hi @luke, thanks for the reply. I’ve performed solution two, in which I now probably have to wait for 24hours to check if the change worked for me.

Question about solution one; if I’m not using the Netlify DNS, my recommended situation would be to redirect my domain name at the domain registrar to my netlify subdomain and accept that it will show the netlify subdomain as my home url? Or do I misunderstood solution one?

Hi, @mbschriek, actually the DNS lookup all happens “behind the scenes”.

This means that, if you use the CNAME record with a third-party DNS service, the domain name in the browser address bar won’t be the subdomain at netlify.com. The address bar will show whatever domain name was used originally, not the Netlify one.

I did check the DNS configuration and it does appear to be working now. I show the SSL certificate was provisioned at 10:48 AM PST on 2020-02-20.

Note, there is also a way to force the the Netlify subdomain to redirect to your custom domain as well. this is done using redirects.

For example, using a rule similar to this:

# Redirect default Netlify subdomain to primary domain
https://dedatarunner.netlify.com/* https://example.com/:splat 301!

(Of course also replacing example.com with the actual domain you want to redirect to.) You can put redirects into a file named _redirect or in the netlify.toml config file. (Personally, I find the _redirects format easier to read and modify but that is just me.)

If there are other questions, please let us know.

Thanks, totally clear. Everything works!