I’m experiencing the same issue with my apex domain mimento.ai.
-
The domain was working fine before — then suddenly stopped issuing a valid certificate.
-
www.mimento.aicontinues to work without any problems. -
For the apex domain, the status now loops between
PendingAcmeApprovalandFailed: order is unable to reach 'Ready' status. -
All CAA, TXT, and
_acme-challengeCNAME records are correct and DNS resolves properly. -
I also deleted the previous registration request and created a new one, but the problem persists.
As a temporary workaround, I enabled Cloudflare proxy for the apex CNAME record and set up a redirect from mimento.ai → www.mimento.ai.
This avoids the certificate error, but it’s not a real fix.
Is there a known issue on the DFINITY side regarding ACME for apex domains, or any way to manually reset the challenge?