Universal SSL Stuck in “Pending Validation” — No Backup Certificate Generated
I’m having trouble with Universal SSL on my free Cloudflare account. The Universal SSL certificate for my domain is stuck in “Pending Validation (TXT)”, and I’ve tried all the recommended steps:
1. Changing DNS records to DNS-only and back to Proxied after waiting.
2. Disabling and re-enabling Universal SSL.
3. Verifying that there are no CAA records restricting issuance.
4. Using Flexible SSL temporarily to see if it would re-trigger validation.
Despite this, the certificate status remains “Pending Validation,” and a backup certificate is also neither generated nor visible in the panel.
Any advice or guidance on how to resolve this would be greatly appreciated. Thanks!
10 Replies
What's the domain? Typically issues like this end up being domain/dnssec issues
My domain is tecvideostv.com , all DNS entries now are DNS only. No R2 bindings and no subdomains proxied. It's been 5 days and still is "stucked". Now the same happens in another new domain added to my account: salir.com. The rest of domains of my account have no problems with SSL Certificate.
Hi Chaika, can you help me?
Like Chaika mentioned, this may be an DNSSEC issue.
Taking a quick look with your domain name seems to confirm indeed that your domain's DNSSEC is incorrect
https://dnsviz.net/d/tecvideostv.com/dnssec/
you'll need to fix your dnssec at both your registrar and cloudflare
Hello Peps! Thanks for the feedback. I found the issue - I had never set up DNSSEC for the domain in GoDaddy (the registrar). I've now activated DNSSEC in Cloudflare and added the DS record in GoDaddy. The DNSSEC issues are now resolved, though I'm still waiting for the Universal Certificate to be issued.
you can try disabling and re-enabling Universal Certificates to kickstart it faster
Done in both domains 30' ago. Still waiting for the Universal Cert
Still no certificate generated 😦 Do you have any clue what's going on? Thanks in advance
?pings
Please do not ping community members for non-moderation reasons. Doing so will not solve your issue faster and will make people less likely to want to help you.