Impossible to get a Let's Encript certificate

Frenx · December 9, 2020, 6:34am

Hello !

We are trying to provision a Let’s Encript certificate, after we click on the “Verify DNS configuration” button, all seems to work as intented : " DNS verification was successful"
But when we click on the Provision certificate, after a few seconds we get an error :
“We could not provision a Let’s Encrypt certificate for your custom domain.”

We followed this guide : DNS & HTTPS troubleshooting tips | Netlify Docs
To try to fix it without success saddly.

We are used to do this with all of ours websites and apps and it always worked fine, this is the first time we are having this issue. We did wait more than 24h, still having the same issue.

Site Name : sofia-mail.netlify.app
Custom domain : mail.sofia.nc

Any help would be greatly appreciated ! If you need more information please let me know and we will provide it.

Thank you!

luke · December 9, 2020, 10:41am

Hi, @Frenx. There is a CAA DNS record blocking Let’s Encrypt from provisioning the SSL certificate:

$ dig +noall +answer  sofia.nc CAA
sofia.nc.		3599	IN	CAA	0 issue "globalsign.com"

You will need modify that CAA record before Let’s Encrypt can issue certificates for this domain.

If there are other questions or concerns, please let us know.

Frenx · December 10, 2020, 12:45am

Indeed that was the problem ! we didn’t see that. Thanks a lot !