I’ve been setting up my custom domain and running into an SSL/TLS issue with my root domain. When I visit the site, I get:
What I’ve done so far:
- Started with Squarespace DNS, but switched to Cloudflare for CNAME flattening support.
- Updated my nameservers to Cloudflare’s and deleted the old Squarespace ones.
- Added both my root and subdomain as custom domains in Railway, and created the corresponding CNAME records in Cloudflare (proxy turned on/orange).
- My subdomain (https://www.example.com) works perfectly, but my root domain (https://example.com) does not.
- I first configured everything around 1 PM yesterday, waited about 8 hours, then removed and re-added both the custom domain in Railway and the CNAME record in Cloudflare.
- Redeployed my project afterward, but it didn’t help.
- Universal SSL and Edge Certificates are both enabled in Cloudflare, and my Bulk Redirects are active. I’ve also set up a redirect so that my subdomain forwards to the root domain.
Diagnostics
When I run:
curl.exe -I https://example.com
I get:
curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed
Timeline
At the time of posting this, it’s now been about 25 hours since I removed and re-added the domain as an attempt to fix it, and around 33 hours since I first configured it and changed the name servers.
In the past 10 hours, the root domain has been working on and off — it might stay live for about 20 minutes, then stop working for an hour, and later start working again.
On my phone, the site always loads over mobile data, but when I switch to Wi-Fi, it only works sometimes.
Question
Is this kind of behavior normal, and am I just being impatient?
Or could there still be a configuration issue between Cloudflare and Railway causing the SSL handshake to fail?