Adding an CAA Record

A CAA record lists the certification authorities approved to issue certificats for a domain. Any certification authority that is not listed in a CAA record of a domain, will not be allowed to issue certificates for that domain or any subdomain.

  1. Go to Domains > Details of [example.org] - 🔎 > DNS records,

    Administration interface: list of DNS records
    Administration interface: list of DNS records

  2. Choose Add a DNS record,

  3. Fill-in the form.

    Administration interface: add an CAA record
    Administration interface: add an CAA record

Warning

Do not put the root into the Hostname. For example, by putting www.example.org in this box, you will create a record for www.example.org.example.org.

Three tags are available:

  • issue which allows an authority,
  • issuewild which allows an authority for wildcard certificates,
  • iodef which gives a URL that certification authorities can contact in case of problems.
Info

Let’s Encrypt certificates are generated for every HTTP address hosted on our servers. They must be authorized.

Some examples

  • Let’s Encrypt authorization:

    » Hostname: [leave blank]
» Value: 0 issue "letsencrypt.org"
» TTL: 300