CAA Record Builder

Build CAA (Certificate Authority Authorization) records to control which CAs can issue certificates for your domain.

Domain:

ISSUE Authorize certificate issuance for this domain

ISSUEWILD Authorize wildcard certificate issuance for this domain

IODEF Contact information for certificate abuse reports

Enable and configure CAA records to see output

Active Records: 0

Status: Valid

No CAA records enabled - this will not provide any protection

No issue or issuewild records - certificates can be issued by any CA

Start with monitoring: Add iodef records first to receive notifications
Use specific CAs: Only authorize certificate authorities you actually use
Include wildcards: Add issuewild records if you use wildcard certificates
Monitor regularly: Check iodef notifications for unauthorized issuance attempts
Test thoroughly: Verify legitimate certificate renewals still work after deployment

Example Configurations