Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
qat4.target.com.au
I ran this command:
Certificate request for Common Name qat4.target.com.au and SANs
aws-qat.api.target.com.au
qat.api.target.com.au
qat.app.target.com.au
qat.fluent.target.com.au
qat.parcelmgmt.target.com.au
qat.payment.api.target.com.au
qat1.api.target.com.au
qat1.app.target.com.au
qat1.target.com.au
qat2.api.target.com.au
qat2.app.target.com.au
qat2.target.com.au
qat3.api.target.com.au
qat3.app.target.com.au
qat3.parcelmgmt.target.com.au
qat3.payment.api.target.com.au
qat3.target.com.au
qat4.app.target.com.au
qat4.target.com.au
qat5.app.target.com.au
qat5.target.com.au
qat6.app.target.com.au
qat6.target.com.au
qat7.app.target.com.au
qat7.target.com.au
qat8.app.target.com.au
qat8.target.com.au
staging.parcelmgmt.target.com.au
staging.payment.api.target.com.au
uat.api.target.com.au
uat.app.target.com.au
uat.parcelmgmt.target.com.au
uat.payment.api.target.com.au
uat.target.com.au
failing.
There were few unused domains removed from the SAN list after which this error appeared.
It produced this output:
Rechecking CAA for /
Log :
LeErrorReport(statusCode=403, type=urn:ietf:params:acme:error:caa, detail=Error finalizing order :: Rechecking CAA for "qat1.app.target.com.au" and 5 more identifiers failed. Refer to sub-problems for more information)
com.akamai.cps.letsencrypt.LeOrderException: Finalize order