Add a CAA record


Adding a CAA record to a domain allows you to reduce the likelihood of someone obtaining an unauthorized SSL certificate for your domain. You create a special DNS record that the Certificate Authority (CA) checks before issuing a certificate. You can create notification rules for when a certificate is requested from a CA that isn’t permitted. As of Sept 8, 2017, all publicly trusted CAs are required to check and respect CAA records.

Note: If your domain is registered at another company, see the Domains registered at another company section below for instructions.

Looks like you're not logged in. If you log in above (under Text Icon), we can save you a couple of steps.

  1. Go to the DNS Management page.
  2. On the DNS Management page, at the bottom of the Records section, click Add and select CAA from the menu.
  3. Complete the other fields:
    • Name - Type @ to point the record directly to your domain name.
    • Flags - Type the number 0.
    • Tag - Type issue (or issuewild if you would like to allow wildcard certificates to be issued for this domain).
    • Value - Type godaddy.com or starfieldtech.com (GoDaddy can issue certificates if one of these two values is found in the CAA record - you will need to enter additional or different values to allow other CAs to issue certificates for the domain - these values are provided by your CA).
    • TTL - Leave at default of 1 hour.
    • Click Save.

To add a CAA Record for domains registered at another company

  1. Log in to your My Products page.
  2. If you aren't automatically directed there, make sure to select the My Products tab:
  3. My products tab

  4. Click Manage All:
  5. Manage All

  6. From the top menu, click the DNS tab, and select Manage Zones:
  7. Manage All

  8. Enter the domain name you want to use and click Search.
  9. On the DNS Management page, at the bottom of the Records section, click Add and select A from the menu.
  10. Complete the other fields:
    • Name - Type @ to point the record directly to your domain name.
    • Flags - Type the number 0.
    • Tag - Type issue (or issuewild if you would like to allow wildcard certificates to be issued for this domain).
    • Value - Type godaddy.com or starfieldtech.com (GoDaddy can issue certificates if one of these two values is found in the CAA record - you will need to enter additional or different values to allow other CAs to issue certificates for the domain - these values are provided by your CA).
    • TTL - Leave at default of 1 hour.
    • Click Save.

More info


Bài này có hữu ích không?
Cảm ơn về phản hồi của bạn. Để nói chuyện với một đại diện của dịch vụ khách hàng, vui lòng sử dụng số điện thoại hỗ trợ hoặc tùy chọn trò chuyện ở trên.
Rất vui vì chúng tôi đã giúp được bạn! Chúng tôi có thể làm gì thêm cho bạn?
Rất tiếc về điều đó. Vui lòng cho chúng tôi biết điều gì làm cho bạn bối rối và vì sao giải pháp không khắc phục được vấn đề này.