What is a CAA DNS record for?

Last updated on 06 Sep 2023, 16:31:29.
Category: All about SSL certificates | All about domain names

DNS

CAA (Certification Authority Authorization) DNS records are used to check which certificate authorities are authorized to issue SSL certificates for a specific domain. It is intended to provide additional security.

A CAA record allows you, the domain owner, to indicate which certificate authorities are authorized to issue certificates for your domain. Here is an example of a CAA record:

example.com. CAA 0 issue "ca.example.net"

In this example, "example.com" is the domain for which the CAA record is set. "ca.example.net" is the certificate authority authorized to issue SSL certificates for the domain"example.com".

This CAA record indicates that only the certificate authority "ca.example.net" has permission to issue certificates for the domain "example.com". Other certificate authorities are then not allowed from issuing certificates for this domain, even if they would otherwise be authorized to do so.

Adding a CAA record to your DNS zone provides an additional layer of security and helps prevent unauthorized certificate authorities from issuing SSL certificates for your domain. It gives you more control over who is authorized to issue SSL certificates for your domain.

If you need help configuring a CAA record, don't hesitate to contact our team. We will be happy to assist you.


Related articles

Apache - Disable SSL 2.0, SSL 3.0 and opt fore a modern safe SSL config

This article shows you how to disable the SSL 2.0, SSL 3.0 and older TLS version protocols on your Apache...

Read more

What is an SPF record?

If you want to prevent your sent mails from ending up in spam or junk folders at the recipient's end...

Read more

Mails sent to gmail.com do not arrive at the recipient

Messages sent to a gmail.com address do not arrive at the recipient. The sender gets an error message back saying...

Read more

Need extra help?

Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!

Select your language

All languages: