An SSL error occurs for an Auth0 custom domain when the hostname contains both a CNAME record and another DNS record type. Deleting the conflicting DNS records and recreating the custom domain entry in Auth0 resolves the issue. After configuring a custom domain in Auth0, checking the certificate validity or opening the custom domain URL returns an SSL error. A DNS check for the custom domain hostname reveals that the hostname has the required CNAME record alongside another DNS record type, such as an A, TXT, or MX record.

• Auth0
• Custom domain
• CNAME
• DNS records

The issue occurs when the same hostname has both a CNAME record and another DNS record, such as an A, TXT, or MX record. This behavior follows the DNS guidance in RFC 1912, which states that a CNAME record cannot coexist with any other data.

How is the custom domain SSL error resolved?

Delete the conflicting DNS records to leave only the required CNAME record, and then recreate the custom domain entry in Auth0.

1. Delete the conflicting DNS records.
2. Keep only the required CNAME record for the Auth0 custom domain.
3. Delete and recreate the custom domain entry in Auth0.