A Certification Authority Authorization (CAA) record is a DNS record that specifies which Certification Authorities (CAs) are allowed to issue SSL/TLS certificates for a domain.
Since September 8, 2017, all public CAs are required to check the CAA record before issuing a certificate, according to CA/Browser Forum requirements. If a CAA record exists and the CA is not listed, the certificate request must be rejected.
If no CAA record is present for a domain, any public CA may issue a certificate for it. Once a CAA record is set, only the listed CA(s) may issue certificates.
0 issuewild ";"
You can easily generate CAA records using online tools such as SSLMate's CAA Record Helper. It allows you to select the preferred CA, decide on wildcard issuance, and generate the correct DNS record format for your domain.
DigiCert (including GeoTrust and RapidSSL) issue "digicert.com"
issue "digicert.com"
Let's Encrypt issue "letsencrypt.org"
issue "letsencrypt.org"
Trouble logging in? Simply enter your email address OR username in order to reset your password.
For faster and more reliable delivery, add st@forpsi.com to your trusted senders list in your email software.