Configuring CAA Records

Cloudflare’s support for DNS Certificate Authority Authorization (CAA) records is now live.  

 

Step 1 - Log in to the Cloudflare dashboard and click on the DNS tab.

pasted_image_0.png

Step 2 - Add CAA records for each Certificate Authority you wish to authorize

 

Change the new record select box to ‘CAA’, type in your domain in the first box (here: upinatoms.com), and tab to the next box to pop up the modal shown below.

 

Leave the “Allow wildcards and specific hosts” dropdown selected for tag and enter the desired CA, e.g., “comodoca.com” in the value box then hit Save. After hitting Save you must also click Add Record.

pasted_image_0__1_.png

If you wish to continue to use Universal SSL, you must repeat this process for each Universal SSL CA: comodoca.com, digicert.com, and globalsign.com.

 

Step 3 - Review the added records for accuracy

Here are records that match sample support ticket #1 from above. 

pasted_image_0__2_.png

Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk