If you already have CAA record on your domain name, add our certificate authority to your record.
What is CAA
CAA is a type of DNS record that allows site owners to specify which Certificate Authorities (CAs) are allowed to issue certificates containing their domain names. It was standardized in 2013 by RFC 6844 to allow a CA “reduce the risk of unintended certificate mis-issue.” By default, every public CA is allowed to issue certificates for any domain name in the public DNS, provided they validate control of that domain name. That means that if there’s a bug in any one of the many public CAs’ validation processes, every domain name is potentially affected. CAA provides a way for domain holders to reduce that risk.
---- Certificate Authority Authorization (CAA)
Confirm CAA is enabled on your domain name.
1. Ask certificate provider, access ControlPanel or run DIG command to check your domain name has a CAA record
A. Use the DIG command
The DIG command to check CAA record is enabled
dig YOUR-DOMAIN-NAME CAA +short
B. Use Google Admin Toolbox
https://toolbox.googleapps.com/apps/dig/#CAA/
If CAA is enabled, some records will be returned.
Go to "2. Add CAA records to DNS provider"
dig example.com CAA +short
0 issue "letsencrypt.org"
0 issuewild "comodoca.com"
0 issuewild "digicert.com"
0 issuewild "digicert.com; cansignhttpexchanges=yes"
0 issuewild "letsencrypt.org"
0 issue "comodoca.com"
0 issue "digicert.com"
0 issue "digicert.com; cansignhttpexchanges=yes"
If CAA is disabled, no records will be returned.
dig example.com CAA +short
No CAA records, back to 5. Assigning an SSL Certificate to your AMIMOTO Managed Hosting Server to complete steps.
2. Add CAA records to DNS record on provider's control panel
Add one of the following DNS records to your domain name
amazon.com
amazontrust.com
awstrust.com
amazonaws.com
Here are some samples for setting up CAA records for DNS providers.
Cloudflare
1. Add amazon.com for example.com
2. Add amazon.com for www.example.com
GoDaddy
1. Add amazontrust.com for example.com
2. Add amazontrust.com for www.example.com
Route 53
1. Add amazonaws.com for example.com
2. Add amazonaws.com for www.example.com