What is an CAA record and how it is configured

A CAA record (Certification Authority Authorization) allows you to specify which Certificate Authorities (CA) can issue SSL certificates for your domain or subdomains.

 

CAA records are configured to prevent incorrect certificates from being issued for a domain or subdomains. The Certificate Authority (CA) must check if a CAA record exists before issuing a certificate.

 

Only the Certification Authorities (CA) configured in the record can issue certificates for the domain or subdomain. In other words, if you have a CAA record, only the specified Certification Authorities can issue certificates for your domain or subdomain.

 

How to configure a CAA record

 

Access your cdmon control panel and click on the DNS option for the domain where you want to configure the CAA record.

 

In the "DNS Records" screen, click on New record.

 

In the "Record type" dropdown, select CAA.

 

Once in the CAA record configuration panel, you will be able to configure the following parameters:

• TTL value: by default the value is 900 seconds.
• Redirect: you must indicate which records you want to be certified. The main record (@), the WWW subdomain, or a specific subdomain.
• Value: you must choose what the CAA record will allow the Certification Authority (CA) to do.
• CA domain: you must indicate the domain of the Certification Authority, for example: letsencrypt.org.

 

Finally, click Save record once all parameters have been configured.

 

For more information, you can contact us .

• Related Articles

• How to set up SPF record for mail in static DNS

  SPF stands for Sender Policy Framework, a protection against email address spoofing. It identifies the SMTP mail servers authorized to send messages through domain name system (DNS) records. Its purpose is to prevent, for example, a message with the ...

• How to set up the SRV record for mail in static DNS

  SRV is a DNS record where information about the available services of the domain is specified. In practical terms, this record is required in protocols such as SIP or XMPP, where information is queried to determine where to find the service. For ...

• How to set up a CNAME record

  Register domain online A CNAME Record (Canonical Name Record) is the equivalent of an alias for another record. It is used when one or multiple records need to point to the same record. If that record points to an IP address and the others point to ...

• How to set up a TXT record

  A TXT record is a type of DNS record that provides text information to external sources outside our domain. The TXT record not only allows you to enter any type of information in text format, but nowadays, combined with the SPF protocol, it can be ...

• How to set up email or record MX

  The MX Record (Mail Exchanger Record) is the record that enables email reception. It specifies the mail servers associated with the domain. An MX record always points to an A record, never to a CNAME. To configure the mail record or MX record of your ...