CAA record problem

petercooperjr · October 18, 2022, 10:48am

This forum is primarily for Let's Encrypt support, not Google PKI support (though yeah, Certbot for some reason directs people here regardless of which CA one is using).
It's going to be hard for anyone to help you without knowing the actual domain name. But it looks like the error says that your CAA record is not allowing pki.goog to issue. So you need to ensure that your CAA record actually includes all CAs that you want to issue for your domain (or remove it if you're fine with all CAs issuing for you). You might want to try out SSLMate's CAA Tool.

Topic		Replies	Views
DNS problem: SERVFAIL looking up CAA Help	2	1345	March 11, 2021
ACME challenge fails because CAA record is not found - February 8, 2024 Help	12	763	March 15, 2024
DNS-01 challenge for a private domain name : CAA validation error Help	8	261	August 21, 2024
DNS problem: SERVFAIL looking up CAA Help	4	259	June 14, 2024
Says TXT record is invalid Help	17	1416	February 1, 2023