SSL Error for Custom Domain Only on Some Macs – Works on *.vercel.app

Summary:

We’re seeing SSL issues with our custom domain https://requests.thesqd.com on some Macs. The same project works fine when accessed via the default Vercel domain (*.vercel.app). We’d appreciate help tracking down what’s going wrong.

Current Behavior

• The custom domain fails to load in Safari and Chrome on multiple Macs (including macOS Sequoia 15.4.1 — fully up to date)

• curl on those Macs returns:

  SSL certificate problem: self signed certificate in certificate chain

• The same site works:

  • From other Macs (e.g., mine)

  • When using the fallback prf4.vercel.app domain

• Also tested on multiple networks, including hotspots — issue persists

Expected Behavior

• Custom domain (requests.thesqd.com) should work consistently across all Macs and browsers, especially with a valid SSL chain

Debug Info

• SSL Labs test shows:

  • Grade: A+

  • Chain issues: None

  • Trusted by Apple, Mozilla, Windows, Android

• DNS (GoDaddy) is properly configured:

  • requests.thesqd.com → CNAME to cname.vercel-dns.com.

• No DNSSEC or caching issues

• No issues on our hosting project otherwise

Repro Steps

1. Open https://requests.thesqd.com on a Mac (Sequoia 15.4.1)

2. Use curl or Safari — SSL error appears

3. Open same page on https://requests-squad.vercel.app — loads fine

**
Project Details**

• Hosted on Vercel

• Custom domain: requests.thesqd.com

• Vercel fallback domain: prf4.vercel.app

• Using automatic HTTPS (Let’s Encrypt)

• Framework: Next.js (but issue appears before any client code runs)

Hypothesis

We think this may be due to Vercel edge nodes caching a partial certificate chain for our custom domain. We’ve seen a similar issue before with Fillout + custom domains using Let’s Encrypt’s R10 intermediate.

What we need help with:

• Can we force Vercel to fully reissue the SSL cert and flush edge caches for the custom domain?

• Is there a deeper issue with how Vercel serves the Let’s Encrypt R10 chain to Apple clients?

Hi @thesquad, welcome to the Vercel Community!

Thanks for sharing the in-depth details about the issue. I tried to recreate it on Safari (Mac OS 15.5 (24F74)) but the website loaded with SSL no issues.

Can you confirm the issue still exists for you?

In the past, we’ve noticed that when the issue happens on selective devices, it is either caused by the ISP or some VPN/Firewall system in place. I’d request to also look into this angel.

I have never been able to reproduce it but the user still is experiencing this issue.

I see. As I said, it’s hard to recreate it on their behalf but in the past we’ve seen it was due to some firewall/vpn restrictions or the ISP had issues.

If possible, maybe they can try changing their DNS servers to Google’s and see if that resolves the issue.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.