What is a CAA DNS record for?

Last updated on 06 Sep 2023, 16:31:29.
Category: All about SSL certificates | All about domain names


CAA (Certification Authority Authorization) DNS records are used to check which certificate authorities are authorized to issue SSL certificates for a specific domain. It is intended to provide additional security.

A CAA record allows you, the domain owner, to indicate which certificate authorities are authorized to issue certificates for your domain. Here is an example of a CAA record:

example.com. CAA 0 issue "ca.example.net"

In this example, "example.com" is the domain for which the CAA record is set. "ca.example.net" is the certificate authority authorized to issue SSL certificates for the domain"example.com".

This CAA record indicates that only the certificate authority "ca.example.net" has permission to issue certificates for the domain "example.com". Other certificate authorities are then not allowed from issuing certificates for this domain, even if they would otherwise be authorized to do so.

Adding a CAA record to your DNS zone provides an additional layer of security and helps prevent unauthorized certificate authorities from issuing SSL certificates for your domain. It gives you more control over who is authorized to issue SSL certificates for your domain.

If you need help configuring a CAA record, don't hesitate to contact our team. We will be happy to assist you.

Related articles

Order an SSL certificate? What is an SSL certificate?

You need to order an SSL certificate? But what is an SSL certificate? And why is everyone saying that it...

Read more

SHA1, SHA2 and SHA256 SSL algorithms

SHA is a mathematical algorithm used in SSL encryption to verify the validity of the certificate's signature. Different iterations of...

Read more

Why do I see a yellow warning triangle on an HTTPS secured website?

The yellow warning triangle you may see when visiting a webpage that's secured with SSL, is an indication that Google...

Read more

Need extra help?

Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!

Select your language

All languages: