Hi i have specific problem which i haven't faced before because i never had to run different certificate for the same domain and subdomain but other company is requesting to run their own certificate on their server, the thing is main domain and subdomain are on a different servers. This is the scenario: On my hosting i have created maindomain.tld and i have created subdomain.maindomain.tld On that same hosting i have let's encrypt certificate and it works fine for all domains and subdomains on that server. But the other company want to run their own script on their own server, so in DNS fields they requested me to input A record for subdomain on their server ip. DNS would look basically like this: A subdomain.domain.tld (secondary server ip) A domain.tld (main server ip) NS domain.tld ns1.mainserver.tld CAA domain.tld 0 issuewild "letsencrypt.org" This is a short version, basically like any other setup, main domain is going to ns1 and ns2 of the hosting, subdomain is going to other company server IP. They have requested me to remove CAA record, but let's encrypt added that, and i am not sure if it will automatically renew next time if i remove CAA record. They are unable to renew their own certificate on their server because there is let's encrypt on the main server domain. I have an option to generate let's encrypt certificate on subdomains or to uncheck the option for subdomains, also as i understand wildcard should allow generation of certificate for subdomains too. So how can we make it work that both servers are able to renew certificates properly. I just want to mention they use sectigo on cpanel.