Be the first to like this
The CAA Record (Certification Authority Authorization) is used to signal which certification authority (CA) can issue an x509 certificate for a given domain. CAA creates a DNS mechanism that enables domain name owners to whitelist CAs that are allowed to issue certificates for their hostnames.
Starting from September 2017, certificate issuing CA must support the CAA record.
This explains the CAA record, how it works, how to enter CAA into a zone and how certification authorities are about to use the record.