Hi MK, based on this Github thread it seems like this is a known scenario. Below is the workaround that was suggested:
"So we believe the problem is caused by the presence of CAA records in your custom domain's parent domain, which prevents the SWA platform from provisioning a certificate. For example, if you are trying to add yoursite.mydomain.com to the SWA and you have incompatible CAA records at mydomain.com (the parent domain), we will be unable to issue a certificate and the overall custom domain add process will fail.
You can either
- remove these CAA records, or
- add a new CAA record to enable our certificate provider, DigiCert, to issue certificates for your domain. this would be of the form
mydomain.com CAA 0 issue "digicert.com"
After the record changes propagate, you should be able to try again. "
Hope that helps. Please let us know if you have further questions
Thanks,
Grace
--If the reply is helpful, please Upvote and Accept as answer--