SSL certificate creation fails
When a SSL certificate creation fails for a domain, check if there are existing CAA (Certificate Authority Authorization) records for your domain, delete the existing SSL certificate entry when the CAA record has been updated, attempt to add the SSL certificate again through ÃÛ¶¹ÊÓƵ Cloud Manager, verify that the SSL certificate status changes from Undetected to active or valid, and check for SSL creation errors.
Description description
Environment
ÃÛ¶¹ÊÓƵ Experience Manager as a Cloud Service - Sites (AEMaaCS - Sites)
Issue
You can’t successfully create a SSL certificate for a domain within AEMaaCS - Sites.
This problem can manifest as the SSL status showing as Undetected.
Resolution resolution
To resolve the issue of an SSL certificate not being created, follow these steps:
- Check if there are existing CAA records for your domain. If you have a CAA in place for your domain, you need to add one for Let’s Encrypt as well, as described in on the Let’s Encrypt Certificate Authority website. Let’s Encrypt is the provider that we use to issue certificates.
- Once the CAA record has been updated, delete the existing SSL certificate entry.
- Attempt to add the SSL certificate again through ÃÛ¶¹ÊÓƵ Cloud Manager.
- Verify that the SSL certificate status changes from Undetected Ìý³Ù´Ç active or valid.
- Ensure that there are no further errors related to SSL creation.
By following these steps, you should be able to successfully create an SSL certificate for your domain within AEMaaCS.