LetEncrypt query timed out looking up CAA. Work-a-round

Written by James McDonald

April 27, 2017

Annoying problem with LetsEncrypt when running
./certbot-auto renew

 - The following errors were reported by the server:

   Domain: test.example.com.au
   Type:   connection
   Detail: DNS problem: query timed out looking up CAA for

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.


For some reason if you try and renew a cert with two domains in it you get the annoying error above. So try this:

./certbot-auto certonly --webroot -w /var/www/test/ -d test.example.com.au


Submit a Comment

Your email address will not be published.

You May Also Like…

PHP Iterators

Just came across a Youtube talk "Iterators in PHP" by Jake Smith published in 2014 that steps through the many...

PHP array_map Multiple Arrays

array_map can take multiple arrays. I like how it starts mapping through them starting at the first element of each...