Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:nblp.moph.go.th
I ran this command: sudo certbot --apache
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
1: nblp.moph.go.th
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for nblp.moph.go.th
Waiting for verification...
Challenge failed for domain nblp.moph.go.th
http-01 challenge for nblp.moph.go.th
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: nblp.moph.go.th
Type: caa
Detail: CAA record for nblp.moph.go.th prevents issuance
root@096241-U:~#
My web server is (include version): apache2 On Ubuntu20.04
The operating system my web server runs on is (include version): Ubuntu20.04
My hosting provider, if applicable, is: Linux
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):2.4