30132: Certificate cannot be validated.

Twilio can't validate the TLS certificate you uploaded for a Link Shortening domain. For Link Shortening, the certificate and private key must be in PEM format, use the required BEGIN and END lines, and match the correct domain or subdomain. Provide the full chain of trust when you encrypt the connection.

• The certificate was uploaded in the wrong format or does not start and end with the required PEM boundaries.
• The private key is missing, malformed, or not in PEM or PKCS #8 format.
• The certificate and key were generated for a different domain or subdomain.
• The full chain of trust was not provided with the upload.

• Upload a certificate and private key in PEM format, and confirm the certificate starts with -----BEGIN CERTIFICATE----- and ends with -----END CERTIFICATE-----.
• Confirm the private key starts with -----BEGIN PRIVATE KEY----- and ends with -----END PRIVATE KEY-----, or use PKCS #8 format.
• If you use a subdomain, generate the certificate and key for that subdomain.
• Upload the full chain of trust as a single file, including the server certificate, intermediate CA certificates, and root CA certificate.
• Upload the certificate again in the Console or send the POST request to the Link Shortening domain's Certificate subresource, then check the validation status after up to five minutes.

• Link Shortening Onboarding Guide