Certification Authority Authorization (CAA) record
A Certification Authority Authorization (CAA) record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain. The purpose of the CAA record is to allow domain owners to declare which certificate authorities are allowed to issue a certificate for a domain.
Here the step to add CAA record.
Step 2 : Then, you need to choose the type which is CAA.
The CAA record is represented by the following elements:
- Flag : unsigned integers between 0 and 255. By the way, 0 is a default.
Tag represented the critical flag that has specific meaning per RFC.
The RFC currently defines 3 available tags:
- issue : explicity authorizes a single certificate authority to issue a certificate (any type) for the hostname.
- issuewild : explicity authorizes a single certificate authority to issue a wildcard certificate (and only wildcard) for the hostname.
- iodef : specifies an URL to which a certificate authority may report policy violations.
Step 3 : Then, click on Add Record button and your CAA record will be add to your DNS record.