Frequently Asked Questions
The purpose of the CAA record is to allow domain owners to declare which certificate authorities are allowed to issue a certificate for a domain. If no CAA record is present, any CA is allowed to issue a certificate for the domain. If a CAA record is present, only the CAs listed in the record(s) are allowed to issue certificates for that hostname.
If you control your own DNS and a CAA record is present please ensure the following CAA records are in place so that we can issue SSL certificates for your domain:
yourdomain.com. 14400 IN CAA 0 issue "comodoca.com"
yourdomain.com. 14400 IN CAA 0 issue "letsencrypt.org"
To check if a CAA record is present you can run the following from a Linux terminal:
dig CAA yourdomain.com (replace yourdomain.com with your real domain)
Please wait... it will take a second!