DNS CAA Record
CAA records, or Certificate Authority Authorization records are used to specify which Certificate Authorities (CA's) are allowed to issue certificates for a domain
Example CAA record
An example CAA record may look like the following:
example.com represents domain that the record is for.
CAA is the record type.
0 is the record flag. Currently the only supported value for the flag is
0, but is defined to allow for future expansion.
issue is the record tag. Available tags for CAA records are:
"certificateauthority.com" is the value of the record. This defines that only this certificate authority is allowed to issue certificates for this domain name.
3600 is the TTL (time to live) of the record in seconds, this example represents 1 hour. This means that when a record has had updates made to it, then it will take 1 hour to update.
How to check CAA records?
Use the CAA Record Lookup tool to check a domain name's CAA records.
Use the DNS Lookup tool to check all DNS record types.
Use the Global DNS Checker tool to check DNS records from all around the world.