Univesal edge certificate still says "Pending validation (TXT)" after 48h

Hello, I’m having difficulties enabling the Universal Edge Certificate on my domain (mystash.ovh).

Details below:

What is the domain name?
mystash.ovh

Have you searched for an answer?
Yes

Describe the issue you are having:
After waiting almost 48h, the universal edge certificate status is “Pending Validation (TXT)”.

What error message or number are you receiving?
“Pending Validation (TXT)”

What steps have you taken to resolve the issue?

1. I’ve disabled proxy on the DNS records
2. I’ve disabled and re-enabled the universal certificates
3. Waited 24h as suggested

Please attach a screenshot of the error:
[backtick example](https://i.imgur.com/o51diBk.png)

You need to remove the invalid DNSSEC entries at your registrar.

https://dnsviz.net/d/mystash.ovh/dnssec/

Thanks for the reply. I’ve disabled the DNSSEC option at my registrar (OVH).

However, I’ve other 4 domains (with the same registrar) and they don’t suffer from the same issue. It’s strange that only this one does. I’ll wait and see if this fixes the issue.

On top of what @cscharff wrote, you should also fix your server configuration, as you do not have SSL there either yet. Your server needs to be working fine on HTTPS first.

Thanks for the reply @sandro. I already tried to generate SLL cert at the server side (via Lets Encrypt) but it fails due to Cloudflare inability to generate the universal certificate. For some reason Let’s Encrypt cannot validate that the domain is linked to the IP I specified in the A record.

The Cloudflare certificate should actually not matter in this context. If anything, such a configuration could often be an additional obstacle to getting an LE certificate.

Anyhow, if you need a certificate you can also take a look at Origin CA certificates · Cloudflare SSL/TLS docs

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.