cert-manager DNS-auth suddenly failing for some cloudflare domains

What is the name of the domain?

veyra.org

What is the issue you’re encountering

We have 5 domains that we let Google Certificate Manager handle for us. We use DNS Authorization to validate domain ownership. As you know this creates a CNAME record reference that needs to exist with our domain registrar (Cloudflare).

In GCP I, for one of the failing domains, have this config:

    DNS Record name: _acme-challenge.veyra.org.
    DNS Record data: 54123816-7e95-47cc-ba6c-772914f21405.6.authorize.certificatemanager.goog.

And a DIG for this returns the same record data:

    dig _acme-challenge.veyra.org. CNAME +short
    54123816-7e95-47cc-ba6c-772914f21405.6.authorize.certificatemanager.goog.

REST/console only complains with CONFIG and AUTH_ISSUE. All 5 certs worked back in March but now 3 are failing to renew. Any ideas would be greatly appreciated.

Our Terraform does show a delta with the last dot "." in the DNS record name and record data (and the Cloudflare UI only renders name as "_acme-challenge" but AFAIK I can't change the name GCP uses for its record). And since the DIG works I assume that diff has no impact?

    "provisioningIssue": {
      "reason": "AUTHORIZATION_ISSUE"
    },
    "state": "PROVISIONING",
    "authorizationAttemptInfo": [
      {
        "domain": "*.veyra.org",
        "state": "FAILED",
        "failureReason": "CONFIG"
      }
    ]
    },

What feature, service or problem is this related to?

DNS records
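
The comparison described in the post, as an added example that is not part of the original post: for each failed authorization attempt it derives the `_acme-challenge` name and compares the expected CNAME target with the resolver's answer after normalizing case and the trailing root dot. The `managed` wrapper key, the function names and the observed answers are constructed for illustration.

```python
import json

# Constructed sample: the status fragment from the post, wrapped in a
# "managed" object (assumed key) so that it parses as complete JSON.
STATUS_JSON = """
{"managed": {
  "provisioningIssue": {"reason": "AUTHORIZATION_ISSUE"},
  "state": "PROVISIONING",
  "authorizationAttemptInfo": [
    {"domain": "*.veyra.org", "state": "FAILED", "failureReason": "CONFIG"}
  ]
}}
"""

# Expected record as shown for the DNS authorization in the post.
EXPECTED = {
    "_acme-challenge.veyra.org.":
        "54123816-7e95-47cc-ba6c-772914f21405.6.authorize.certificatemanager.goog.",
}

# Constructed resolver answers: name written without the trailing dot,
# value as printed by `dig +short`.
OBSERVED = {
    "_acme-challenge.veyra.org":
        ["54123816-7e95-47cc-ba6c-772914f21405.6.authorize.certificatemanager.goog."],
}

def fqdn(name):
    """Normalize a DNS name: case-insensitive, trailing root dot optional."""
    return name.strip().lower().rstrip(".")

def challenge_name(domain):
    """Challenge record name; a wildcard domain uses its base domain."""
    base = domain[2:] if domain.startswith("*.") else domain
    return fqdn("_acme-challenge." + base)

def triage(status_json, expected, observed):
    # Report each FAILED attempt with whether the published CNAME matches.
    exp = {fqdn(k): fqdn(v) for k, v in expected.items()}
    obs = {fqdn(k): [fqdn(v) for v in vs] for k, vs in observed.items()}
    report = []
    for attempt in json.loads(status_json)["managed"]["authorizationAttemptInfo"]:
        if attempt["state"] != "FAILED":
            continue
        name = challenge_name(attempt["domain"])
        report.append({
            "domain": attempt["domain"], "reason": attempt["failureReason"],
            "record": name, "cname_matches": obs.get(name, []) == [exp.get(name)],
        })
    return report
```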