Jürgen
Wanneer het aanvragen van een SSL-certificaat mislukt krijg je een mailtje met tips:
".. Make sure:
- you have the domains IP addresses correctly setup?
- your public folder is accessible (you can change "Web directory" inside your site)
Also check your server logs, these may help you clarify more what is going on."
Het kan zijn dat een certificaat niet aangevraagd kan worden omdat er een CAA-record in de DNS is opgenomen. (zie https://letsencrypt.org/docs/caa/). Misschien een ideetje om dit ook in die mail te zetten?
Dennis
I'm not all too sure about this request. I know you can't request SSL with AAAA records, do you have any of those?
Jürgen
Item authorThe reason I could not get a SSL from Lets's Encrypt had nothing to do with AAAA/A records. The existance of a CAA record prevented it. But that problem wasn't hinted in the mail so I think it might be helpfull to mention that.
Alex
This might also be a very nice addition to the pre-certificate request checks to validate there is a permissive CAA record present (or no CAA record at all).
Let's Encrypt CAA-record
-
Dennis moved item to board Planned
2 years ago -
Dennis moved item to board Under review
2 years ago -
Dennis moved item to project Site Level Requests
2 years ago -
Jürgen opened
2 years ago