Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: blog.thelorry.com
I ran this command: Squarespace setup process
It produced this output: There was an error creating your certificates.
My web server is (include version): N/A
The operating system my web server runs on is (include version): N/A
My hosting provider, if applicable, is: Squarespace
I can login to a root shell on my machine (yes or no, or I don’t know): No, squarespace managed hosting
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot): N/A
I was trying to get my an SSL cert issued for a blog of the company I’m working at and wasn’t able to do so for months. We have a lot of back and forth in emails and made sure my DNS was exactly the same as what Squarespace required but the SSL still keeps going to processing state and shows the aforementioned error message after few days and we would get the process restart, same issue, rinse and repeat for months.
They (squarespace support) finally came out with the conclusion that my domain provider is causing the issues, preventing certificates from being issued and gave me 2 option, transfer the domain to squarespace (not happening) or run it insecure (not acceptable per my company policy).
However I didn’t have the same issue with my site running on firebase (auth.thelorry.com) which uses letsencrypt as well or any other CA that we used previously. Can you help me check if there’s any changes that I should make on my side to make this work or if anything else is causing the issue?
No CAA record has been set for blog.thelorry.com as it has a CNAME record linking to squarespace, which as far as I know should use the linked cname settings instead?