Edge Certificates (pending validation Txt) 24hr+

Answer these questions to help the Community help you get started.

What is the domain name?
anos.cloud

Have you searched for an answer?
Tried to yes

I click on the link and there is no where to put my domain absolutely not intuitive looking at it at all and I’ve looked and tried multiple fixes
Describe the issue you are having:
Multiple days pending did 24hr with website up 24 without website up just need the certi

I am using a flask app and I did specify on the vps I linked the IP too to run port 5000 idk if that matters when getting a ssl certi but Im all for some help man

At the domain registrar for the domain anos.cloud, Porkbun, you have DNSSEC enabled, and as such DNS resolvers across the world expect that your domain’s DNS data also holds cryptographic DNSSEC signatures, and that they will validate according to the DS record set that has been set from the domain registrar.

However, within Cloudflare, you do not currently have DNSSEC enabled, and as such, Cloudflare is obviously not adding any cryptographic signatures to your domain’s DNS data, and therefore, there are validation errors while trying to access your domain.

You have the following options to solve your problem:

→ If you want to have your domain’s DNS data to be protected with DNSSEC, do this:

  1. Enable DNSSEC within Cloudflare:
    https://dash.cloudflare.com/?to=/:account/:zone/dns/settings

  2. Log in to Porkbun, and then go to:
    Porkbun - Domain Name System Security (DNSSEC) for ANOS.CLOUD
    → Delete all the records you see under “Current DNSSEC Configuration” on this page.
    → Add a new one (typically using “dsData”) here, which MUST be a 100% match to the details you see in your Cloudflare account.

NOTE: Alone enabling DNSSEC within Cloudflare (e.g. #1) will NOT be sufficient, if the data that Porkbun holds is NOT a 100% match to what the Cloudflare page says. The details Cloudflare ask you to add will be shown when you expand the view by clicking on the "DS Record → " on the Cloudflare link above.

→ If you do not want your domain’s DNS data to be protected with DNSSEC, you can do this:

  1. Log in to Porkbun, and then go to:
    Porkbun - Domain Name System Security (DNSSEC) for ANOS.CLOUD
    → Delete all the records you see under “Current DNSSEC Configuration” on this page.

After making any of the changes to through Porkbun, please be advised that it may take between 48-96 hours to fully propagate worldwide, which neither Cloudflare, Porkbun, nor anyone else can expedite.

4 Likes

So I can just remove it from porkbun essentially and enable it in Cloudflare to remove the issue with the certi pending but for further security I have to take the extra steps?

Hey man it worked but now im getting an error code 523 Im going to assume its a vps problem any advice?

523 indicate that Cloudflare cannot reach your origin (e.g. your VPS).

  • The IP address that you have set in your Cloudflare DNS may be wrong.

  • The IP address (e.g. your VPS), that you have set in your DNS, is having a firewall, which blocks connections from the Cloudflare IP addresses, see IP Ranges and whitelist them accordingly.

Things like that are likely causes of that, but if those does not resolve the new issue, the 523 numbers initially in this post (and in your own), may have more possible solutions, if those two are not enough.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.