Route 53 Problems with CAA Records

OS type and version Rocky Linux 9.1
Webmin version 2.001
Virtualmin version 7.3

Hi! First of all, thank you for making such an awesome piece of software that makes it so easy to manage webservers! Now back to the problem: I have Route 53 set up as my cloud DNS provider. Whenever I try to issue any wildcard certificates, Virtualmin tries to update existing CAA records (as it should) in Route 53, but, for some reason does not follow the syntax needed for updating CAA records. I am getting this error:

Hook ‘–manual-auth-hook’ for domain.tld reported error code 255
Hook ‘–manual-auth-hook’ for domain.tld ran with error output:
Failed to update DNS records :
An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation: [Invalid Resource Record: ‘FATAL problem: CAARRDATAInvalidValue (Invalid value) encountered with ‘Value is not inside quotation mark’’]

It does not matter if I update the CAA record manually.

Well it complaining about quotation marks. The CAA records should be CAA 0 issuewild “” with being in quotation marks.

this may help as well

Hi, stefan1959. I think your reply missed the mark here. I already know that should be inside quotation marks. When you request a wildcard SSL certificate using Virtualmin, you do not get to choose what records Virtualmin will update in the backend, it updates your _acme-challenge TXT records automatically itself, and when requesting a wildcard SSL certificate, it also updates the CAA record. The problem arises somehow in my installation when Virtualmin tries to update the CAA record without quotation marks in Route 53.