#✅ - Custom Domain Domain Activation Fail (CAA Record Issue)


flat relic

I am hosting my domain on Cloudflare and have added the CAA records and confirmed them with dig, but I am still getting the error below.

Something went wrong. Please refer to our troubleshooting guide below to diagnose the issue. After fixing the issue, choose retry below.
Error message: At least one of your domains has a CAA record that does not include Amazon as an approved Certificate Authority. Please add an entry to your CAA DNS record like the following: [0 issue "amazontrust.com"], so that we can provision an SSL certificate for your domain.

I tried using issuewild for the root CAA records, but that didn't work.

Dig Output

% dig CAA chatboo.app

...

chatboo.app. 60 IN CAA 0 issue "pki.goog; cansignhttpexchanges=yes"
chatboo.app. 60 IN CAA 0 issue "sectigo.com"
chatboo.app. 60 IN CAA 0 issuewild "comodoca.com"
...
chatboo.app. 60 IN CAA 0 issue "amazon.com"
chatboo.app. 60 IN CAA 0 issue "amazonaws.com"
chatboo.app. 60 IN CAA 0 issue "amazontrust.com"
chatboo.app. 60 IN CAA 0 issue "awstrust.com"
chatboo.app. 60 IN CAA 0 issue "comodoca.com"
chatboo.app. 60 IN CAA 0 issue "digicert.com; cansignhttpexchanges=yes"
chatboo.app. 60 IN CAA 0 issue "globalsign.com"
chatboo.app. 60 IN CAA 0 issue "letsencrypt.org"

...

% dig CAA app.chatboo.app

...

app.chatboo.app. 60 IN CAA 0 issue "awstrust.com"
app.chatboo.app. 60 IN CAA 0 issue "amazon.com"
app.chatboo.app. 60 IN CAA 0 issue "amazonaws.com"
app.chatboo.app. 60 IN CAA 0 issue "amazontrust.com"

flat relic

SOLVED: For anyone who has this issue in the future.

The CAA records that were already there had explicit rules not to trust other CAs. So I just had to delete them.
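
How RFC 8659 evaluates CAA records like the ones in the dig output above, as an added example (not part of the original posts, and not the hosting provider's actual check). The sample input is a constructed subset of the records shown in the thread, and the function names are hypothetical.

```python
import re

# Constructed sample: a subset of the answer lines shown in the post above
# (records the post elides with "..." are not included).
DIG_ANSWER = '''
chatboo.app. 60 IN CAA 0 issuewild "comodoca.com"
chatboo.app. 60 IN CAA 0 issue "amazontrust.com"
chatboo.app. 60 IN CAA 0 issue "digicert.com; cansignhttpexchanges=yes"
app.chatboo.app. 60 IN CAA 0 issue "amazontrust.com"
'''

LINE = re.compile(r'^(\S+)\s+\d+\s+IN\s+CAA\s+(\d+)\s+(\w+)\s+"([^"]*)"$')
KNOWN_TAGS = {"issue", "issuewild", "iodef"}

def parse(text):
    """Map owner name -> list of (flags, tag, value) from dig answer lines."""
    zone = {}
    for line in text.strip().splitlines():
        m = LINE.match(line.strip())
        if m:
            owner, flags, tag, value = m.groups()
            zone.setdefault(owner.rstrip(".").lower(), []).append(
                (int(flags), tag.lower(), value))
    return zone

def relevant_rrset(zone, fqdn):
    """RFC 8659 section 3: climb towards the root; the first non-empty RRset wins."""
    labels = fqdn.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]))
        if rrset:
            return rrset
    return []

def ca_allowed(zone, name, ca):
    """True if `ca` may issue for `name` (which may start with '*.')."""
    wildcard = name.startswith("*.")
    rrset = relevant_rrset(zone, name[2:] if wildcard else name)
    # An unrecognised property with the critical bit (128) set forbids issuance.
    if any(f & 128 and t not in KNOWN_TAGS for f, t, _ in rrset):
        return False
    issue = [v for _, t, v in rrset if t == "issue"]
    wild = [v for _, t, v in rrset if t == "issuewild"]
    props = wild if (wildcard and wild) else issue  # issuewild replaces issue
    if not props:
        return True  # no applicable property: CAA places no restriction
    # The issuer domain is the part before ';'; an empty one authorises nobody.
    return ca.lower() in {v.split(";")[0].strip().lower() for v in props}
```

With this sample, `amazontrust.com` is authorised for `chatboo.app` and `app.chatboo.app`, but not for `*.chatboo.app`, because an `issuewild` record at the apex replaces every `issue` record for wildcard requests.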
