Create CAA record
Dynu gives you full control over all the DNS configurations for your domain names.
You can log onto the control panel to manage your DNS records.
To add a CAA record in the control panel, you may follow these 3 steps.
Step 2
Go to
DNS Records
to add a CAA Record.
Node Name Enter the subdomain name, for example, subdomain1. Leave empty for the primary domain name.
Type Choose "CAA - Certification Authority Authorization".
TTL How long the server should cache the information.
Flags Flags have only two strictly defined states currently: 0 (non-critical and default) and 1 (critical). 0 is common.
Tag Tag has three values: issue, issuewild, iodef. issue is for a single domain while issuewild is for wildcard certificates. iodef is less common and specifies a URL to which an issuer may report certificate issue requests that are inconsistent with the issuer's Certification Practices or Certificate Policy.
Value For the issue and issuewild tags, the value is typically the domain name of the CA authorized by the record, for example, comodoca.com, sectigo.com, letsencrypt.org, godaddy.com, amazon.com etc. You can have more than 1 CAA record to authorize multiple CAs. For iodef tag, you’ll supply a URL where policy violations should be reported. It is usually in the format of mailto:abuse@comodoca.com.
Step 3
Check if your CAA record has gone into effect using DNS Lookup tool. Enter dynu.biz as Hostname, and choose "CAA - Certification Authority Authorization" as Type.
What is a CAA record?
CAA record is a type of DNS record that allows domain owners to specify which Certificate Authorities (CAs) are allowed to issue certificates for that domain. By default, every public Certificate Authority is allowed to issue certificates for any domain name if they are able to validate the requester's ownership of the domain name. If a CA receives an order for a certificate for a domain with a CAA record and that CA isn’t listed as an authorized issuer, they are prohibited from issuing the certificate to that domain or any subdomain.How to add a CAA record?
To add a CAA record in the control panel, you may follow these 3 steps.
Step 2
Go to
DNS Records
to add a CAA Record.
Node Name Enter the subdomain name, for example, subdomain1. Leave empty for the primary domain name.
Type Choose "CAA - Certification Authority Authorization".
TTL How long the server should cache the information.
Flags Flags have only two strictly defined states currently: 0 (non-critical and default) and 1 (critical). 0 is common.
Tag Tag has three values: issue, issuewild, iodef. issue is for a single domain while issuewild is for wildcard certificates. iodef is less common and specifies a URL to which an issuer may report certificate issue requests that are inconsistent with the issuer's Certification Practices or Certificate Policy.
Value For the issue and issuewild tags, the value is typically the domain name of the CA authorized by the record, for example, comodoca.com, sectigo.com, letsencrypt.org, godaddy.com, amazon.com etc. You can have more than 1 CAA record to authorize multiple CAs. For iodef tag, you’ll supply a URL where policy violations should be reported. It is usually in the format of mailto:abuse@comodoca.com.
Step 3
Check if your CAA record has gone into effect using DNS Lookup tool. Enter dynu.biz as Hostname, and choose "CAA - Certification Authority Authorization" as Type.