ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups

    Do you add CAA records to your DNS records?

    IT Discussion
    lets encrypt dns
    5
    6
    1032
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Pete.S
      Pete.S last edited by Pete.S

      Do you add CAA (Certification Authority Authorization) records to your DNS records?

      Is it important for FQDNs that have Let's Encrypt certificates?

      scottalanmiller 1 Reply Last reply Reply Quote 1
      • dbeato
        dbeato last edited by

        I haven't done that in a long time however Let's Encrypt do check for it so it would matter if you have it implemented ahead of using Let's Encrypt.
        https://letsencrypt.org/docs/caa/

        1 Reply Last reply Reply Quote 1
        • scottalanmiller
          scottalanmiller @Pete.S last edited by

          @Pete-S said in Do you add CAA records to your DNS records?:

          Do you add CAA (Certification Authority Authorization) records to your DNS records?

          Is it important for FQDNs that have Let's Encrypt certificates?

          Yes, but it is automatic with CloudFlare, not something that we have to think about.

          JaredBusch 1 Reply Last reply Reply Quote 1
          • M
            marcinozga last edited by marcinozga

            Yes, but word of caution. If you get certs from multiple different providers, don't forget to add records for all of them. Otherwise getting certs will fail, and it's almost impossible to troubleshoot.

            JaredBusch 1 Reply Last reply Reply Quote 1
            • JaredBusch
              JaredBusch @scottalanmiller last edited by

              @scottalanmiller said in Do you add CAA records to your DNS records?:

              @Pete-S said in Do you add CAA records to your DNS records?:

              Do you add CAA (Certification Authority Authorization) records to your DNS records?

              Is it important for FQDNs that have Let's Encrypt certificates?

              Yes, but it is automatic with CloudFlare, not something that we have to think about.

              Automatic? No it is not. Cloudflare is a real company and they do not randomly add records to your DNS. If you want CAA records, you have to add them.

              1 Reply Last reply Reply Quote 1
              • JaredBusch
                JaredBusch @marcinozga last edited by

                @marcinozga said in Do you add CAA records to your DNS records?:

                Yes, but word of caution. If you get certs from multiple different providers, don't forget to add records for all of them. Otherwise getting certs will fail, and it's almost impossible to troubleshoot.

                Yes, like this.
                caae902b-b24b-46a0-9102-6267aa67770a-image.png

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post