So my problem is this:
I have a root domain which is from 1&1 (Ionos) and that has its own SSL certificate. I also have another server running an application using Digital ocean which also needs an SSL cert. But because this server is a subdomain, certbot just spits this error out whenever I attempt to create a new cert.

sudo certbot –nginx -v

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx

Which names would you like to activate HTTPS for?

1: chat.crypto******.com

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1
Requesting a certificate for chat.crypto***.com
Performing the following challenges:
http-01 challenge for chat.crypto.com
Waiting for verification…
Challenge failed for domain chat.crypto.com
http-01 challenge for chat.crypto***.com

Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: chat.crypto******.com
Type: dns
Detail: DNS problem: SERVFAIL looking up CAA for cryptogmrprofiles.com - the domain’s nameservers may be malfunctioning

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.

Cleaning up challenges
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.