I have my domain registered on Cloudflare, and my site is also running on Cloudflare. So I was following the instruction on App Engine > Settings > Custom domains to add A, AAAA and CNAME records to my DNS records on Cloudflare. After a few minutes, I noticed an issue with DNS. App Engine was displaying the yellow exclamation icon with the message DNS records could not be found. Certificate activation will retry automatically.
I took a few look on Google and apparently most people resolved easily by just following the exact instruction on App Engine > Settings > Custom domains. However, that’s not my case :c
I went back to my DNS records on Cloudflare to take another look, and noticed all the newly added A, AAAA, and CNAME records have Proxy Status enabled. And according to Cloudflare:
When you proxy specific DNS records through Cloudflare - specifically A, AAAA, or CNAME records — DNS queries for these will resolve to Cloudflare Anycast IPs instead of their original DNS target. This means that all requests intended for proxied hostnames will go to Cloudflare first and then be forwarded to your origin server.
That seem like the cause, so I simply turned off proxy status on those DNS records and waited another 5 minutes.
$ gcloud beta app ssl-certificates list
ID DISPLAY_NAME DOMAIN_NAMES MANAGED_CERTIFICATE_STATUS
******** managed_certificate loc.dev OK