Impossible to get a Let's Encript certificate

Hello !

We are trying to provision a Let’s Encript certificate, after we click on the “Verify DNS configuration” button, all seems to work as intented : " DNS verification was successful"
But when we click on the Provision certificate, after a few seconds we get an error :
We could not provision a Let’s Encrypt certificate for your custom domain.

We followed this guide : https://docs.netlify.com/domains-https/troubleshooting-tips/#dns-configuration
To try to fix it without success saddly.

We are used to do this with all of ours websites and apps and it always worked fine, this is the first time we are having this issue. We did wait more than 24h, still having the same issue.

Site Name : sofia-mail.netlify.app
Custom domain : mail.sofia.nc

Any help would be greatly appreciated ! If you need more information please let me know and we will provide it.

Thank you!

Hi, @Frenx. There is a CAA DNS record blocking Let’s Encrypt from provisioning the SSL certificate:

$ dig +noall +answer  sofia.nc CAA
sofia.nc.		3599	IN	CAA	0 issue "globalsign.com"

You will need modify that CAA record before Let’s Encrypt can issue certificates for this domain.

If there are other questions or concerns, please let us know.

1 Like

Indeed that was the problem ! we didn’t see that. Thanks a lot !