I didn’t setup any restrict on CAA , and seems my DNS server do response caa requirements , I reviewed the similar topics but didn’t find a situation that suit my case , can anyone help ? Appreciate it .
$ dig @8.8.8.8 logana.daikin.net.cn caa
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6 <<>> @8.8.8.8 logana.daikin.net.cn caa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44829
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;logana.daikin.net.cn. IN CAA
;; AUTHORITY SECTION:
daikin.net.cn. 599 IN SOA ce1.dns.com. admin.dns.com. 1545897019 7200 3600 1209600 1800
;; Query time: 286 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Jan 3 14:39:20 2019
;; MSG SIZE rcvd: 91
My domain is: logana.daikin.net.cn
I ran this command: /certbot-auto renew
It produced this output: IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: logana.daikin.net.cn
Type: None
Detail: DNS problem: SERVFAIL looking up CAA for
logana.daikin.net.cn
My web server is (include version): nginx-1.12.1-1.33
The operating system my web server runs on is (include version): Amazon Linux AMI release 2018.03
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no