Symptoms
When running AutoSSL, you receive an error similar to the following when the domain has a CAA record.
CA forbidden: "domain.tld"
Description
The error occurs when the domain's CAA record doesn't authorize Let's Encrypt to issue certificates for the domain.
Workaround
The CAA record must be removed or updated to allow Let's Encrypt to issue certificates for the domain. The CAA record should look similar to the record below.
domain.tld. IN CAA 0 issue "letsencrypt.org"
Please note that "exampledomain.tld" must be replaced with the appropriate domain name.
Comments
0 comments
Article is closed for comments.