Share via

Pending validation

Leo Orelli 0 Reputation points
2026-05-10T18:46:15.3866667+00:00

Custom domain portal.lebosc.org stuck on Pending validation

•	TXT record is propagated (verified on dnschecker.org)

•	Been pending for 24+ hours
Azure Static Web Apps
Azure Static Web Apps

An Azure service that provides streamlined full-stack web app development.

0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Aditya N 2,960 Reputation points Microsoft External Staff Moderator
    2026-05-11T01:27:24.9933333+00:00

    Hello @Leo Orelli

    Thank you for reaching out Microsoft Q&A..

    Even when the TXT record appears propagated on external checkers, validation can remain stuck due to DNS conflicts (e.g., existing CNAME at the same host) or missing CAA records required for DigiCert (the CA used by Azure for managed certificates).

    1. Add a CAA Record (Recommended first step)

    Add this at the root of your domain (lebosc.org):

    • Record type: CAA
    • Host/Name: @ (or blank)
    • Value: 0 issue "digicert.com" (include quotes if required by your DNS provider)
    • TTL: 600 (or lowest allowed)

    Verify it using this command in Azure Cloud Shell or any terminal: dig lebosc.org CAA

    You should see the DigiCert entry in the ANSWER SECTION.

    1. Remove and Re-add the Custom Domain
    • In the Azure portal, go to your Static Web App > Custom domains.
    • Delete the existing portal.lebosc.org entry.
    • Add it again (select Custom domain on other DNS).
    • Generate a new validation code for the TXT record.
    1. Add the New TXT Validation Record
    • Record type: TXT
    • Host/Name: _dnsauth.portal
    • Value: [The new validation code from the portal]
    • TTL: 600 (or low value)
    1. Refresh and Monitor
    • Click Refresh periodically in the Custom domains blade.
    • Validation typically completes within 10–30 minutes once records are correct (allow up to a few hours).
    • When it shows Validated, test the site and check for certificate errors.

    Reference:
    https://learn.microsoft.com/en-us/azure/static-web-apps/custom-domain
    https://learn.microsoft.com/en-us/azure/communication-services/quickstarts/email/add-custom-verified-domains?pivots=platform-azp
    If the answer is helpful,  Please do click "Accept the answer” and Yes, this can be beneficial to other community members.
    User's image

    If you have any other questions, let me know in the "comments" and I would be happy to help you

    Was this answer helpful?

  2. TP 156.6K Reputation points Volunteer Moderator
    2026-05-10T20:05:53.7733333+00:00

    Hi Leo,

    I checked on dnschecker.org for txt record for portal.lebosc.org and it shows all red Xs. This is understandable since you have CNAME record.

    1. Please create below DNS record in your provider's portal for lebosc.org domain:

    Record type Host Value TTL
    CAA @ 0 issue "digicert.com" 600

    To verify CAA record is correct, you may use dig command below in Azure Cloud Shell:

    dig lebosc.org caa

    In output you should have answer section similar to below:

    ;; ANSWER SECTION:
lebosc.org.            600    IN      CAA     0 issue "digicert.com"

    NOTE: digicert.com should be in quotes as shown above. With some DNS providers you need to enter the quotes in their portal while others you do not.

    2. Please delete portal.lebosc.org custom domain from your Static Web App, then add it back. Click the button to generate new validation code for TXT record.

    3. Please create below DNS record in your provider's portal for lebosc.org domain:

    Record type Host Value TTL
    TXT _dnsauth.portal <validation code generated in portal> 600

    4. Periodically click Refresh on Custom domains blade to see if the domain switches to Validated with green check mark. It typically completes the process within 20 minutes or so. Once it says validated, please test by navigating to your site and make sure there are no certificate errors or warnings.

    Please click Accept Answer and upvote if the above was helpful.

    Thanks.

    -TP

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.