Certificate Authority Authorization (CAA) DNS records

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name holder to specify the Certification Authorities (CAs) authorized to issue certificates for that domain. Publication of CAA Resource Records allows a public Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue.

The CAA DNS record format looks like CAA <flags> <tag> <value>
flags is a number between 0 and 255
tag is one of issue, issuewild or iodef
value contains the specific domain data for the selected tag

Similar topics

Knowledge base



Frequently asked questions

How would you rate the quality of this content?

Poor  Outstanding

Tell us why you rated the content this way.

Current rating: 4.79