We are attempting to renew multiple certs but are seeing the same failures on all of them.
It appears that LE is not able to confirm CAA on our DNS "query timed out looking up CAA"
We are not aware of any changes to our DNS which was successful previously
Was wondering if there were any changes on LE's side to the CAA validation process? (this will help us know what to correct)
My domain is: marines.mil
I ran this command: Let's Debug
It produced this output: This test has been running for a while. This usually indicates that one or more of the domain nameservers are either inaccessible or offline
while a dig provide:
$ dig marines.mil
;; AUTHORITY SECTION:
marines.mil. 179 IN SOA usmcdns1.usmc.mil. security.mcnosc.usmc.mil. 2021081400 3600 600 604800 3600