If you have multiple CAA Records due to other providers like DigiCert, Comodo and Letsencrypt.org the certbot from Letsencrypt will give you that error message:
Detail: CAA record for shop.icuserver.com prevents issuance
in my opinion this should work because you can have multiple CAA records due to RFC
https://tools.ietf.org/html/rfc6844 -> Section 3
kind regards
Sebastian Fessl
1 Like
_az
June 30, 2020, 10:24am
2
Can we see your CAA record set? Your domain doesn’t have any at the moment.
As long as one of the CAA records is permissive of letsencrypt.org
, it shouldn’t matter how many you have.
1 Like
Hi @itseasy3133
itseasy3133:
If you have multiple CAA Records due to other providers like DigiCert, Comodo and Letsencrypt.org the certbot from Letsencrypt will give you that error message:
Detail: CAA record for shop.icuserver.com prevents issuance
that's simple, see your check, ~~80 minutes old - https://check-your-website.server-daten.de/?q=shop.icuserver.com#caa
13. CAA - Entries
Letsencrypt.org
is wrong, must be letsencrypt.org
.
Small difference, but important
1 Like
system
Closed
July 30, 2020, 10:40am
4
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.