aha, I spotted the problem. That domain (deakin.edu.au) has settings that will prevent us from provisioning an SSL certificate for ANY host in the domain:
$ host -t CAA deakin.edu.au
deakin.edu.au has CAA record 0 issue "quovadisglobal.com"
deakin.edu.au has CAA record 0 issuewild "digicert.com"
deakin.edu.au has CAA record 0 issue "amazon.com"
deakin.edu.au has CAA record 0 issue "digicert.com"
deakin.edu.au has CAA record 0 issuewild "quovadisglobal.com"
deakin.edu.au has CAA record 0 iodef "mailto:firstname.lastname@example.org"
Your IT admins should be able to let you know if they are either:
- willing to change this policy to include let’s encrypt, our SSL provider (details here on what they’d add: https://letsencrypt.org/docs/caa/
- or willing to set up a special setting for your specific domain, which they can do by adding a CAA record just for it, rather than changing the one for the whole school’s domain.
- finally they could provide you with an SSL certificate to use that their vendor has generated for them.
Regardless, until that is resolved, we cannot provide SSL for you. I have a bug report on this information not turning up in the UI - sorry to hear you wasted so much time on it!