What is Certification Authority Authorization (CAA)?
Article Number: 000070640
Domain Name Servers (DNS) use Certification Authority Authorization (CAA) as a means of identifying which Certification Authorities are authorized to issue a certificate for that domain.
As a means of providing an additional layer of control to the DNS owner, CAA gives DNS owners the ability to determine which Certification Authorities are authorized to issue certificates on behalf of that domain name by configuring their DNS CAA record.
For the complete report on CAA, please see RFC 6844.
Please see our technote on how to add a CAA record to your DNS zone file.
Please see the technote on how you can add a CAA record in a hosted DNS, and what hosted DNS service providers currently support CAA.
CAA Supported DNS Products:
Google Cloud DNS
If you have any questions or concerns please contact the AffirmTrust department for further assistance:
Support Hours of Operation:
Sunday 8PM ET to Friday 8PM ET