Hello! I am moving some stuff onto pfSense and I installed the ACME package. When I added a domain to get a cert for, it throws the error below. I am using DNS-Cloudflare as part of the process.
My domain is:
vawun.rehlmhosting.com
I ran this command:
Issue/Renew Cert via pfSense ACME GUI
It produced this output:
[Sun Apr 26 13:05:34 PDT 2020] Sign failed, finalize code is not 200.
[Sun Apr 26 13:05:34 PDT 2020] {
  "type": "urn:ietf:params:acme:error:caa",
  "detail": "Error finalizing order :: Rechecking CAA for \"vawun.rehlmhosting.com\" and 1 more identifiers failed. Refer to sub-problems for more information",
  "status": 403,
  "subproblems": [
    {
      "type": "urn:ietf:params:acme:error:caa",
      "detail": "Error finalizing order :: While processing CAA for vawun.rehlmhosting.com: DNS problem: SERVFAIL looking up CAA for vawun.rehlmhosting.com - the domain's nameservers may be malfunctioning",
      "status": 403,
      "identifier": {
        "type": "dns",
        "value": "vawun.rehlmhosting.com"
      }
    },
    {
      "type": "urn:ietf:params:acme:error:caa",
      "detail": "Error finalizing order :: While processing CAA for www.vawun.rehlmhosting.com: DNS problem: SERVFAIL looking up CAA for www.vawun.rehlmhosting.com - the domain's nameservers may be malfunctioning",
      "status": 403,
      "identifier": {
        "type": "dns",
        "value": "www.vawun.rehlmhosting.com"
      }
    }
  ]
}
My web server is (include version):
The operating system my web server runs on is (include version):
pfSense 2.4.5-RELEASE (FreeBSD 11.3-STABLE)
I think I have my Cloudflare settings correct:
Cloudflare API Key = Global Key
Cloudflare API Email Address = email addr
Cloudflare API Token = token with read on zone zone and edit on zone dns
Cloudflare API Account ID = found under Cloudflare website settings
Cloudflare API Zone ID = found under Cloudflare website settings