Google GSuite domain verification keeps failing

Somehow Google can not verify my CNAME records although they are added correctly.

The records are added in DNS only mode. Anyone experienced this before?

Yes, CNAME records need to be unproxied, however these will be most likely not the ones Google wants.

Can you post a screenshot of the instructions you got from them?

This are the instructions (in dutch…)
Een CNAME-record maken:

  1. Maak via uw domeinhostingprovider de volgende CNAME-record:
  • Label/Host: 23806649
  • Bestemming/doel: google.com
  • Time to live (TTL): 3600 seconden / 60 minuten / 1 uur
    Opmerking: Een bestaande CNAME-record kan niet worden gebruikt. Deze speciaal geformatteerde CNAME-records worden door onze tools gebruikt om verzoeken te verwerken.

Translated:
Create the following CNAME record through your domain hosting provider:

Label / Host: 23806649
Destination / purpose: google.com
Time to live (TTL): 3600 seconds / 60 minutes / 1 hour
Note: An existing CNAME record cannot be used. These specially formatted CNAME records are used by our tools to process requests.

Not quite sure what it is saying, however if the target host is google.com the first record would be correct (the second one not).

Such a setup still seems somewhat unorthodox and I’d clarify if this really is accurate information. If it is, you can only talk to Google as the records seem to be correctly configured.

What is the domain in question?

@sandro added a translation (1 minute ago haha). Added the second record just for safety reasons.

Domain is Ge-wo.nl.

Yes, the record is in place

nslookup -type=cname 23806649.ge-wo.nl 1.1.1.1
Server:  one.one.one.one
Address:  1.1.1.1

Non-authoritative answer:
23806649.ge-wo.nl       canonical name = google.com

At this point you can only clarify with Google why they cannot verify that, respectively if that is the right setup in the first place. I very much doubt the latter to be honest.

1 Like

@sandro thanks a lot :slight_smile:

To elaborate on why, a domain verification typically has very different values, particularly when it comes to the target host. https://support.google.com/a/answer/47283 has more on that.

@sandro Thanks for the help, we will ask Google if the instructions are correct.