A Certification Authority Authorization (CAA) record is a DNS standard that gives you the authority to declare and command which Certificate Authorities can issue SSL certificates for your domain(s). This means that no other CA can issue SSL certificates for your website except the ones you choose. This is highly beneficial from a web security point of view.
Although CAA records have been around for some time, it became mandatory for the certificate authorities to check a domain's CAA record beginning September 8, 2017. Whether it's a DV, OV or EV SSL certificate, checking the CAA record is a must for the CAs. Keep in mind that it's a requirement for the CAs, not for the domain name owners.
You can effortlessly generate your domain’s CAA record thanks to our amazing tool. All you have to do is enter your domain name, tell us your favorite CA(s), select the certificate type and voila! It’ll be over before you even know it.
Here are some of the largest DNS service providers supporting CAA records:
Don't see your service provider? Just contact their support team and ask them how to do it.