start > dns > CAA

CAA

Created by dave. Last edited by dave, 4 years and 156 days ago. Viewed 1,082 times. #1

[edit] [rdf]

labels

attachments

(2018-10-16)

Problem

What is CAA record

Solution

CAA record is a DNS record that indicates who is permitted to issue SSL certs for a domain.

Information.

bind entry:

xdroop.com.  IN CAA 128 issue "letsencrypt.org"

In action:

# dig @n1 caa xdroop.com; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> @n1 caa xdroop.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49189
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 4
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;xdroop.com.                    IN      CAA
;; ANSWER SECTION:
xdroop.com.             900     IN      CAA     128 issue "letsencrypt.org"
;; AUTHORITY SECTION:
xdroop.com.             900     IN      NS      n2.gridway.net.
xdroop.com.             900     IN      NS      n3.gridway.net.
xdroop.com.             900     IN      NS      n1.gridway.net.
;; ADDITIONAL SECTION:
n1.gridway.net.         300     IN      A       139.60.168.90
n2.gridway.net.         300     IN      A       72.142.112.27
n3.gridway.net.         300     IN      A       207.236.146.3
;; Query time: 0 msec
;; SERVER: 139.60.168.90#53(139.60.168.90)
;; WHEN: Tue Oct 16 12:24:25 EDT 2018
;; MSG SIZE  rcvd: 183

no comments | post comment

see also:
snipsnap-index	Calculating Network Tr...	Client DNS fai...	snipsnap-notfound
start	dave	Cluster...	Fixing ...
Useful+sed	Virtual...	snipsnap-index	Client+DNS+fai...
find

CAA

Problem

Solution

Virtual Dave Megaplex:

Useful: