Error with LetsEncrypt request

Found wildcard domain name and http challenge type, switching to dns-01 validation.
CAA record prevents issuing the certificate: SERVFAIL

My domain is:

I have tried other domains and everything is fine.

The registrant of the domain has DNSSEC enabled for the domain at the registrar, but DNSSEC hasn't been set up on the domain's nameservers (at Cloudflare).

Disable DNSSEC at the registrar. Then if you want DNSSEC enabled, go through the DNSSEC setup process in Cloudflare from scratch.

Until you do at least the first step, this domain won't resolve at any DNSSEC-validating resolver, not just Let's Encrypt.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.