Updated on 2023-12-20 GMT+08:00
Why Does the SSL Certificate Remain in the Pending Domain Name Verification State (Application Progress Is 40%) After Domain Name Verification Is Complete?

Why Does the SSL Certificate Remain in the Pending Domain Name Verification State (Application Progress Is 40%) After Domain Name Verification Is Complete?

If domain name verification is complete but the certificate remains in the Pending domain name verification state, perform the following steps:

  1. Check whether the ownership of the domain name for which the certificate is used is verified.
    • If domain ownership is verified, go to 2.
    • If domain ownership has not been verified, go to your domain name service provider to complete the verification.
  2. Check whether the domain name verification has been completed.
    • If you have completed domain name verification, go to 3.
    • If you have not completed domain ownership verification and organization verification, perform operations as prompted.
  3. Check whether the domain name verification takes effect.

    For details, see How Do I Check Whether Domain Name Verification Takes Effect?

    For details about how to make the verification take effect, see DNS Verification Configuration Does Not Take Effect.

  4. The review may take a while.

    After the verification is complete, additional time is required for the CA to verify your domain name. During this period, the certificate is in the Pending domain name verification state.

    If you have verified the domain name, the CA will take 2 to 3 working days to verify your information. The CA will issue the certificate only after they validate your information.

DNS Verification Configuration Does Not Take Effect

Locate the failure cause and fix the issue by referring to the following table.

Table 1 Possible causes

Possible Cause

Procedure

A wrong domain name management platform was selected.

DNS verification can be performed only on the platform where your domain name is hosted. Check whether the platform you select is the right one.

The old record set is not deleted.

The record added can be deleted once the current certificate is issued.

If the record added for the previous certificate is not deleted, the record added for the current certificate will not take effect. Check whether the record added last time is deleted.

The record configuration is incorrect.

Check settings of Host Record, Type or Value.

It requires a long period of time for the configuration to take effect.

Check whether the effective time (TTL) is too long. It is recommended that you set the TTL to 5 minutes. This value varies depending on the DNS service provider. In our DNS platform, the default value is 5 minutes, so the configuration takes effect in 5 minutes by default.

If the configured effective time does not arrive, verify after the time is right.