State your Preferred Certificate Authority
A Certification Authority Authorization (CAA) record is a DNS record type that gives you the power to control which certificate authorities are allowed to issue SSL certificates for your domain(s). Once you state your preferred CA(s), only the whitelisted CA(s) can issue SSL certificates for the domain(s) you control. This way it minimizes the security risks as only the listed CAs can issue certificates for your domain(s).
Beginning September 8, 2017, it has become obligatory for all CAs to check for a domain’s CAA record before issuing SSL certificate. This will be applied to all types of SSL certs – DV, OV, and EV. Although it isn’t mandatory for domain owners, it is an excellent way to protect website security and improve customers’ trust.
Generate your CAA Record
Using our awesome tool, you can generate your CAA Records in a blink of an eye. Just enter your domain, state your preferred CA and select the certificate type. Our tool will take care of the rest!
If you’re using your Domain Registrar’s DNS or any another Service
There’s no need to worry as almost all domain registrars and DNS providers comply with the CAA records. Below is a list of some of the largest DNS providers supporting CAA records. If you can’t see your provider on this list, just contact their customer support team and ask.