I wish to add CAA records to my DNS.
I have a dedicated SSL cert. purchased through Cloudflare for a number of (sub)domains.
The Universal SSL cert. requires comodoca.com, digicert.com, and globalsign.com.
Which record(s) do I need for the dedicated SSL cert.?
I believe it’s the same but here is a handy little tool from SSLMate to verify CAAs. CAA Record Generator
The SSLMate tool scrapes certificate creation logs, which means it will add unexpired certificates even if they are no longer used. It also can’t distinguish between wildcard and non-wildcard, so it’s a fine starting point but requires editing.
Is there any canonical answer to which CA’s are required for Cloudflare dedicated certs?
Unfortunately, the link I was checking is Top Secret, or something because I’m not authorized to access it.
https://support.cloudflare.com/hc/en-us/articles/115000310792-Configuring-CAA-Records-
I can say that I use Dedicated Certificates and the three you list are what I use. Plus I add letsencrypt.org for my origin certs.
This topic was automatically closed after 30 days. New replies are no longer allowed.