If you're having problems setting up your domain with us to auto generate an SSL/TLS certificate, this could be due to a few different issues.
You can test that your domain is setup correctly using
dig @22.214.171.124 +short CNAME developer.example.com
In most situations, ReadMe does not require you to make changes to CAA records set up on your domain. However, in rare situations our Custom Domains page might request that you add CAA records for
You can view your CAA record using this site: https://dnsspy.io/labs/caa-validator
If you have accidentally set a CAA record, it may take up to 24 hours for your cert to be regenerated by us.
issue vs issuewild
Your CAA record must use the
issuewild. Our custom hostnames and SSL certificates only work for a single host. If your only
pki.googCAA record contains the
issuewildtag, we will not be able to issue a certificate on your behalf.
Use https://crt.sh/ to query whether some other web server has also been generating certs for your domain.
If you're using another CDN and having problems with SSL certs, please contact ReadMe Support
If you receive an error like the following in Chrome with an error code
NET::ERR_CERT_DATE_INVALID then this means that the certificate has expired.
This can happen for a couple of reasons:
- The custom domain that you're trying to generate for has previously been used on a ReadMe project and has since lapsed or been deleted.
- You now have a CAA record set up, and you didn't when we initially generated the cert for you.
If you're confident that you have correctly setup your DNS record after recent changes, you can re-trigger the certificate validation process by deleting and re-adding your custom hostname in ReadMe's dashboard.
Updated 8 months ago