Suddently can't rewnew cert on apache

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: brainlint.org

I ran this command: tried several but most recently "certbot -v renew"

It produced this output:
Domain: brainlint.org
Type: caa
Detail: CAA record for brainlint.org prevents issuance

Domain: www.brainlint.org
Type: caa
Detail: CAA record for www.brainlint.org prevents issuance

My web server is (include version):
Server version: Apache/2.4.38 (Raspbian)
Server built: 2020-08-25T20:08:29

The operating system my web server runs on is (include version):
Raspbian 10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.17.0

I set this up in may, it worked fine, dry run worked like a charm. I haven't touched anything since then and am unsure why I can't auto renew. I AM able to access the site securely right now, certbot just won't renew.

Thanks!

Hmm: https://unboundtest.com/m/CAA/brainlint.org/HY6Y5KET

That's meant to be

issue "letsencrypt.org"

not

letsencrypt.org "issue"

The tag and the value appear to have their places switched.

2 Likes

Good grief, that was it... thank you. Why in the World did it work the first time like that?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.