You may use a temporary fix.
Current: mailman.dot.asia -> CNAME jerry.dot.asia
First step: Remove the CNAME, add an A-record
mailman.dot.asia -> ip of jerry.dot.asia
Second step: Add a CAA
mailman.dot.asia
Then try to create a certificate.
You may use a temporary fix.
Current: mailman.dot.asia -> CNAME jerry.dot.asia
First step: Remove the CNAME, add an A-record
mailman.dot.asia -> ip of jerry.dot.asia
Second step: Add a CAA
mailman.dot.asia
Then try to create a certificate.