cloudflare cf cdn审核日志里面出现CAA证书失败的解决办法
显示类似的结果,代表CAA没有加白名单,被拦截了,查看到CF的证书颁发商是DigiCert Baltimore Root,那么给域名加白就行了{
"Brand id": null,
"Bundle method": "ubiquitous",
"Dedicated ips": false,
"Id": "xxxxxxxxxxxxxxxxxxxxx",
"Modified on": "2020-03-08",
"Priority": 0,
"Sans": {
"0": "itzmx.com",
"1": "sni.cloudflaressl.com"
},
"Status": "pending_issuance",
"Type": "universal",
"Validation errors": {
"0": {
"Message": "caa_error: itzmx.com"
}
},
"Validation method": "http",
"Validation type": "dv",
"Validity days": 365,
"Zone id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"Zone internal id": xxxxxxxx
}
;; CAA Records
itzmx.com. 120 IN CAA 0 issue "digicert.com"
itzmx.com. 120 IN CAA 0 issue "sectigo.com"
itzmx.com. 120 IN CAA 0 issue "letsencrypt.org"
itzmx.com. 120 IN CAA 0 issue "pki.goog"
itzmx.com. 120 IN CAA 0 issuewild "digicert.com"
itzmx.com. 120 IN CAA 0 issuewild "sectigo.com"
itzmx.com. 120 IN CAA 0 issuewild "letsencrypt.org"
itzmx.com. 120 IN CAA 0 issuewild "pki.goog"
itzmx.com. 120 IN CAA 0 iodef "mailto:1265578519@qq.com"
本贴的caa记录已经同步cloudflare官方最新数据
参考这个贴:https://bbs.itzmx.com/thread-102696-1-1.html
{:3008:}
页:
[1]