Pardot SSL Failing After Adding LetsEncrypt CAA to DNS

I’m trying to enable SSL for my tracker domain and I was told to add Let’s Encrypt CAA to my DNS, which is Azure. I ran the script to add the Let’s Encrypt CAA to my domain and it said successfil, but it’s not propagating (It’s been weeks). When I try to enable SSL for my tracker domain in Pardot, it still fails. Any suggestions would be much appreciated. Thank you !

My domain is: sirtex.com

I ran this command: https://gist.github.com/GraafG/59961e637180154194994eea0661f3ae

It produced this output: Successful

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Unsure

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Unsure

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): N/A

Hi @crmdjoohn

that’s expected. Checking your domain - https://check-your-website.server-daten.de/?q=sirtex.com#caa

2020-02-26.sirtex.com

Only digicert.com is allowed to create certificates, not Letsencrypt.

Add it again, then recheck the domain to see, if the entry is visible.

Hi,

What would happen if you login to your azure portal and list the CAA record for this domain? Have you tried to add it manually on that portal?

Thank you

I’m sorry if this is not the information you’re looking for, but it appears the Let’s Ecrypt CAA file is on the DNS, but it’s not propagating?

That’s the wrong entry. And that entry is propagated.

See https://check-your-website.server-daten.de/?q=letsencrypt-caa.sirtex.com

That’s an entry with the letsencrypt-caa.sirtex.com domain name.

2020-02-26.letsencrypt-caa.sirtex.com

Domain name must be sirtex.com, value must be letsencrypt.org, not ca1.sirtex.com.

Find your existing sirtex.com entry, add a second.

Same as @JuergenAuer’s response.

Instead of command line, can you try to do that in the actual portal for Azure? (It’ll give more sense actually).
It’s fine to not have access or not do it, but the portal generally will make life easier for users.
(The current address) of the portal is portal.azure.com

Thank you

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.