Need help setting up SSL for my apex domain on netlify dns

The site I am using with Netlify DNS is showing a good SSL certs, but when I try the apex domain on Safari it shows "certificate name does not match input:. Also in Firefox, it is showing SSL_ERROR_BAD_CERT_DOMAIN. Chrome is showing [ERR_CERT_COMMON_NAME_INVALID]. What do I need to do to make to work through Netlify dns? On my netlify screenshot below it seems to be setup correctly on netlify dns.

Generally, the reason we are unable to provision a complete SSL certificate for your custom domain is that the DNS cache time to live (TTL) value for a record has not had time to expire (from your old settings) before you tried to use it with Netlify. Our SSL provider ( is unable to create certificates for names that have old cached values still in effect.

Depending on how you configure your domain, we may only attempt to fetch the certificate once - when you update your settings with the new domain name. Usually, if it is your first hostname on a site, we’ll try several times until we succeed.

If that process generates a partial certificate, there is usually a button in our UI to renew the certificate which would try to add all appropriate names.

The additional delay between your attempt and mine seems to have been enough to allow things to work right when I attempted to re-issue the certificate.

Please let me know if things are not working as expected now.

It’s working great now Luke! Glad to know it wasn’t necessarily something I did incorrectly. Just took some time for the old TTL to expire. Thanks so much.

1 Like