Show Universal SSL's CAA records in DNS Management UI

CloudFlare automatically adds the required CAA records for Universal SSL right now (without showing them in the UI), but it might be a bit concerning for some users to see these unrecognized CAA records in other tools/sites.

As far as I know, the only place that mentions this automatic addition of CAA records is a help article Certification Authority Authorization (CAA) FAQ – Cloudflare Help Center

There needs to be an option to include records from Universal SSL in the “Advanced” selector in the management UI.

Related: Show automatically added records in the DNS list - Feedback / Usage & Design - Cloudflare Community

@prajaybasu thank you for making this suggestion. We are aware of this issue and working internally to come up with a solution. At the moment, the best way to prevent this from happening is to disable the Universal SSL from the dashboard before pointing to Cloudflare’s nameserver for a new zone.


I don’t think the suggestion is to prevent anything. On the contrary, I think it’s good that CAA is added as a result of Universal SSL.

One solution, like the suggestion suggests, could be to add a view-only record that displays the CAA. Possibly even toggleable from the advanced options.


Or like this related comment suggests, list them in a new section below the rest of the records.