Hi, We're experiencing an issue with verifying our domain for Apple Pay on the web. It's currently stuck in the "Pending" state despite meeting the listed requirements. The domain in question has been verified once successfully but one month later when we renewed the SSL, we were unable to verify the domain again. Please note that the new certificate's CA chain has been changed.
A) The "apple-developer-merchantid-domain-association.txt" file is publicly accessible at the following location:
/.well-known/apple-developer-merchantid-domain-association.txt
B) We've also ensured that the following IP ranges are whitelisted:
17.32.139.128/27 17.32.139.160/27 17.140.126.0/27 17.140.126.32/27 17.179.144.128/27 17.179.144.160/27 17.179.144.192/27 17.179.144.224/27 17.253.0.0/16 17.23.4.96/27 17.132.108.64/26 17.23.24.32/27 17.23.19.0/27 17.157.40.128/27 17.157.44.128/27 17.157.32.0/27
C) Our servers support TLS 1.2 already.
D) "ECDHE-RSA-AES128-GCM-SHA256" cipher suite has been used, so we believe all necessary criteria are satisfied.
However, when we attempt to verify the domain, we receive the following error message:
"Domain verification failed. Review your TLS Certificate configuration to confirm that the certificate is accessible and a supported TLS Cipher Suite is used."
Could you please advise why the verification is failing, or let us know if there's anything we might have missed?
Best regards,
Mehdi