Thank you for your feedback, it means a lot to us.
This form is used for documentation feedback only. Learn how to get help with HubSpot.
Last updated: February 27, 2023
|All products and plans|
When connecting your domain to HubSpot, SSL for your domain will be provisioned automatically. However, in some cases, an error may occur.
To troubleshoot your SSL:
HubSpot is unable to issue the SSL for the subdomain because it, or its parent domain, has a Certificate Authority Authorization (CAA) record which doesn’t include Google Trust Services. To resolve this, you'll need to edit your CAA record or add a CAA record for your root domain.
To troubleshoot this issue:
The record should read: 0 issue ‘pki.goog’
Once you add Google Trust Services to the CAA record for the root domain, HubSpot will attempt to provision SSL within four hours. If this error has been present for more than 30 days, HubSpot will not automatically provision SSL after the CAA record is updated. Please contact HubSpot support if it's been more than 30 days since the error appeared.
HubSpot couldn't validate the SSL certification for your domain. There are three possible causes, which will be indicated in the error message details:
The domain is not currently associated with an email address in the Whois email registry, and HubSpot is unable to send the SSL validation email. To troubleshoot this:
HubSpot is unable to reach the subdomain. Ensure your CNAME record is entered correctly in your DNS provider. If this has been done correctly, please contact HubSpot support.
The subdomain does not have a CNAME record pointing to HubSpot. If believe you’ve set up your CNAME record correctly, please contact HubSpot support.
Google maintains a list of URLs that contain malware or phishing. If the domain you are connecting matches any domain in this list, HubSpot cannot provision SSL. If you have Google Search Console, an alert will appear in the domain’s security issues report.
To resolve this, submit a request to Google for a review of your affected page, or contact HubSpot support for further assistance.
PhishTank is an anti-phishing site that maintains a list of URLs with potential malware or phishing scams. If the domain you are connecting matches any domain in this list, HubSpot cannot provision SSL for your domain. If your domain does not include malware or phishing scams, report a false positive to PhishTank.
There is an unknown issue when attempting to provision SSL for your subdomain. Please contact HubSpot support.
Your domain has been blocked by Cloudflare. To resolve this, click Email Support in the banner, which will open a pre-filled email to email@example.com. Communicate with the team to resolve the error.
You can limit access to content, data, and more so only the right teams and users can view and edit them....
HubSpot automatically provisions a standard SAN SSL certificate through Google Trust Services when you ...
The brand domain is the section of a URL between the subdomain and the top-level domain. For example, in the...