Hi guys. I'm having this problem and is just blowing my mind. I followed this tutorial: https://help.pythonanywhere.com/pages/LetsEncrypt/ very carefully and several times, also tried getting the ssl certificate with zerossl but surprisingly it returns the same annoying error. I suppose it's something related to some setting i am missing, i don't know but pleeeeease, help me.
The error specifically is: "CAA record for leoprada.pythonanywhere.com prevents issuance"
This is the log of the followed steps:
:::06:52 ~ $ pip3.6 install --user --upgrade pythonanywhere
Looking in links: /usr/share/pip-wheels Requirement already up-to-date: pythonanywhere in ./.local/lib/python3.6/site-packages (0.7.4) Requirement already satisfied, skipping upgrade: docopt in /usr/lib/python3.6/site-packages (from pythonanywhere) (0.6.2) Requirement already satisfied, skipping upgrade: python-dateutil in /usr/lib/python3.6/site-packages (from pythonanywhere) (2.7.3) Requirement already satisfied, skipping upgrade: requests in /usr/lib/python3.6/site-packages (from pythonanywhere) (2.19.1) Requirement already satisfied, skipping upgrade: six>=1.5 in /usr/lib/python3.6/site-packages (from python-dateutil->pythonanywhere) (1.11.0) Requirement already satisfied, skipping upgrade: urllib3<1.24,>=1.21.1 in /usr/lib/python3.6/site-packages (from requests->pythonanywhere) (1.23) Requirement already satisfied, skipping upgrade: certifi>=2017.4.17 in /usr/lib/python3.6/site-packages (from requests->pythonanywhere) (2018.8.13) Requirement already satisfied, skipping upgrade: chardet<3.1.0,>=3.0.2 in /usr/lib/python3.6/site-packages (from requests->pythonanywhere) (3.0.4) Requirement already satisfied, skipping upgrade: idna<2.8,>=2.5 in /usr/lib/python3.6/site-packages (from requests->pythonanywhere) (2.7)
Cloning into '/home/leoprada/dehydrated'... remote: Enumerating objects: 8, done. remote: Counting objects: 100% (8/8), done. remote: Compressing objects: 100% (7/7), done. remote: Total 1922 (delta 1), reused 5 (delta 1), pack-reused 1914 Receiving objects: 100% (1922/1922), 637.08 KiB | 0 bytes/s, done. Resolving deltas: 100% (1200/1200), done. Checking connectivity... done.
:::06:53 ~ $ echo WELLKNOWN=/home/leoprada/letsencrypt/wellknown > ~/letsencrypt/config
:::06:54 ~ $ cd ~/letsencrypt
:::06:54 ~/letsencrypt $ ~/dehydrated/dehydrated --register --accept-terms
INFO: Using main config file /home/leoprada/letsencrypt/config
- Generating account key...
- Registering account key with ACME server...
- Done!
:::06:55 ~/letsencrypt $ ~/dehydrated/dehydrated --config ~/letsencrypt/config --cron --domain leoprada.pythonanywhere.com --out ~/letsencrypt --challenge http-01
INFO: Using main config file /home/leoprada/letsencrypt/config
- Creating chain cache directory /home/leoprada/letsencrypt/chains Processing leoprada.pythonanywhere.com
- Creating new directory /home/leoprada/letsencrypt/leoprada.pythonanywhere.com ...
- Signing domains...
- Generating private key...
- Generating signing request...
- Requesting new certificate order from CA...
- Received 1 authorizations URLs from the CA
- Handling authorization for leoprada.pythonanywhere.com
- 1 pending challenge(s)
- Deploying challenge tokens...
- Responding to challenge for leoprada.pythonanywhere.com authorization...
- Cleaning challenge tokens...
- Challenge validation has failed :( ERROR: Challenge is invalid! (returned: invalid) (result: { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:caa", "detail": "CAA record for leoprada.pythonanywhere.com prevents issuance", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/gfgIzxEv1_uSyuzVXIuTXVME37Pv9_G6RlQDYVBGrJ8/10046421169", "token": "KAZMr-Tkp7bflgQUTR9x8p7lXx4HbZisc6Uw7eXGpVg", "validationRecord": [ { "url": "http://leoprada.pythonanywhere.com/.well-known/acme-challenge/KAZMr-Tkp7bflgQUTR9x8p7lXx4HbZisc6Uw7eXGpVg", "hostname": "leoprada.pythonanywhere.com", "port": "80", "addressesResolved": [ "35.173.69.207" ], "addressUsed": "35.173.69.207" } ] })