I have tried to add
accounturi to CAA record of the domain:
dottedmag.eu has CAA record 0 issue "letsencrypt.org; accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/35072636"
certbot failed to renew the certificate. If I remove
accounturi the renewal starts to work again.
I see CAA
accounturi attribute support was enabled several days ago: Enabling ACME CAA Account and Method Binding — was it backed off? Or am I using wrong syntax of
My domain is:
I ran this command:
certbot renew --force-renewal --dry-run --cert-name www.dottedmag.net (
dottedmag.eu is included in the set of domains to renew).
It produced this output:
Simulating renewal of an existing certificate for dottedmag.eu and 5 more domains Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems: Domain: dottedmag.eu Type: caa Detail: CAA record for dottedmag.eu prevents issuance
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): 2.1.0