When will DNS CAA records become supported by Digital Ocean?

April 2, 2017 1.5k views
DNS

As requirements for HTTPS/SSL implementations increase across most of the web sites nowadays, the importance of DNS CAA is also on the rise. CAA is a type of DNS record that controls which certificate authorities (CA) can issue SSL certificates for your domain.

The problem we have is that our r&d tax credit calculation webite requires to secure user data via an SSL certificate, which also needs to be backed by a CAA DNS record.

As Digital Ocean has always been on the forefront of the digital revolution, we would be grateful if this feature is implemented sooner.

1 comment
3 Answers

+1

CAA dns record definition required for use even with LetsEncrypt now.

It's not required for a CAA record to exist. It's fine if you don't have any.

CAs may or may not require that your DNS servers respond in a valid manner. (Let's Encrypt will.)

Certificate Authority Authorization (CAA) is a standard designed to prevent bad actors from creating unauthorized SSL/TLS certificates. CAA records allow domain owners to specify which Certificate Authorities (CAs) are permitted to issue certificates. In this tutorial we'll show how to add the three standard CAA resource record types.
Have another answer? Share your knowledge.