Knowledge Base

Unable to install Let’s Encrypt: SERVFAIL looking up CAA for example.com

 
applications extensionscaadnsdomainsplesk 17 8

Symptoms

  1. Unable to install Let's Encrypt extension:

    DNS Problem: SERVFAIL looking up CAA for example.com

  2. External name server is specified in Domains > example.com > DNS Settings.

Cause

Plesk Onyx 17.0 or 17.5 does not support CAA. Since CAA is missing, the external server returns error.

Resolution

  1. Determine the SOA server for the domain:

    # dig SOA @8.8.8.8 example.com +short
    ns1.exampleproviderserver.com. [email protected]. 17 900 600 86400 3600

  2. Contact the external name server owners to clarify why SERVFAIL error is returned. Normally, when a record like CAA is missing for domain, name servers return "no record" instead of SERVFAIL. 

    Note: CAA DNS records are supported in Plesk 17.8

    Note: the issue may be temporary. Try to issue the certificate once again in an hour.

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit