sliterok
commented
2 years ago Also I want to mention that this problem is quite specific for my setup. So helpful move for anyone struggling is to mention that this is default behavior of AdGuardHome. It was mentioned in this issue https://github.com/AdguardTeam/AdGuardHome/issues/2997 but I doubt they will implement anything like that. Also quite an easy fix was to block queries to the address that was specified as NS so CAA query won't timeout (it seems to be the only reason why letsencrypt fails).
Please provide full details of response from letsencrypt. Today I've been struggling for a couple of hours because this module didn't show anything helpful except for "E_ACME_UNKNOWN". Only by using certbot I could find out that the error was that I haven't set up CAA record for my domain.