Certificate request error is persistent (TLS Certificate can't be provisioned)

Certificate Request Error: Certificate provisioning will retry automatically in a short period, please be patient.
I receive this error every single time the TLS certificate tries to be provisioned. It’s been over 24 hours.
Should I be panicking, or is this normal?
My website link is kidkalc.com

12 Likes

Having the same issue here… for more than a few days.

ERROR: Certificate Request Error: Certificate provisioning will retry automatically in a short period, please be patient.

Removing CNAME file from repo like one suggested didn’t help.

Using custom domain with CNAME record that succesfully points to the pages.

I have a letsencrypt record, my dig command showing my cname>github pages profile>all pages a records (185.199.108-111.153)

I don’t get it…

1 Like

Got the same error, and it’s not generating the tls till now . … 

1 Like

I’ve got the same problem. Is this an issue on GitHub’s side or is this due to bad config?

EDIT: The problem has now been resolved for me.

@marcinole Did you make any changes to anything to fix the problem? Or did it resolve on its own? Having the same problem over here.

1 Like

I switched my custom domain to the “www” subdomain but I had tried that before (unsuccessfully) so when it finally worked I had the impression that the issue was fixed on GitHub’s side.

I’m getting the same error and have made no new changes to my website. No bueno. Following this post in hopes someone figures it out. 

I’m having the same issue for days too.

Didn’t change DNS or anything.

1 Like

I’m also having the same issue, been stuck on error for months now, is it from my side?

1 Like

OK I actually figured out a fix, I’m using Cloudflare as my domain registrar, and in my DNS settings, my 4 A records that point to Github had the “proxied” type on them, and appreantly GitHub doesn’t like that, so I switched from “proxied” to “DNS only” (by just clicking on the word ‘proxied’), and it seems to work with my custom domain (without the www subdomain). and now the certificate is issued and things are looking good, I hope this helps someone out!

1 Like

thanks. works for me too.

I was having a similar issue. Waiting for 24h hours didn’t fix anything. It turns out the problem was that my domain was parked by default (my domain provider is GoDaddy). I removed the parking A record, and 5 minutes later the TLS certificate was obtained. Then I could finally enable the “Enforce https” option in the GitHub pages settings. Then another 5 minutes later, my GitHub pages were online.

TLDR: try to remove the " A @ Parked" record in your domain provider DNS settings and then enable “enforce https” in GitHub pages settings.

3 Likes

Thanks for the info! I just made the changes on Cloudflare (to DNS only), and will update in a few days and see if it works.

EDIT: yep, that fixed it, almost immediately. If you have any type of DNS proxy make sure to shut it off, because the SSL cert authority is looking for specific A records.

Was having an identical issue, but this fixed it for me. Thanks so much!

Not sure what happened, Godaddy seems to be doing some wonky ish to my DNS. All of my A records for my github page had been deleted. My domain name is damosdesigns.com but now there’s a second domain name gdmig-damosdesigns.com in my account. No clue what that’s about. Adding those four A records back brought my website back up. 

I managed to solve it as most of you mentioned, unchecking the proxy option in the dns zone for the main domain (in my case cloudflare). However, there are some considerations to make:

If you have been using features like cache and workers, which need the server to process your request before actually accessing the website that is hosted on github, you will have problems with the functioning of your website when removing proxied.

In my case, using cloudflare I did the following:

  • I removed the A entries of the proxied github from the dns zone in the cloudflare;
  • I connected the enforce https via github pages;
  • I waited for github pages to renew my tls certificate;
  • I reconnected to A entries to be proxied again (on cloudflare);

I have to do this every 3 months, as github doesn’t seem to renew the certificate automatically, for cloudflare to automatically recognize the new certificate.