About CAA Records
Hi all,
I recently had customer request to assist in configuring Certification Authority Authorization (CAA) DNS resource record in Infoblox.
Based on the guide below it seems straight forward
However, since my customer has about 5 different CA providers, i wonder
- Do we need to create a separate CAA DNS record for each CA provider?
- What if we remain empty under Certificate Authority field instead of specific the CA provider? Will it causing any operation risk?
- Specifically, would an empty Certificate Authority field prevent all CAs from issuing certificates, or would it allow certificate issuance by any CA?
I wondering if anyone can share their real life experience on this, as this is my first time dealing with this type of CAA records.
Thank you for sharing your opinion.
Tagged:
0
Answers
-
- Yes
- An empty Certificate Authority field would block issuance by any CA (well, any CA paying attention to CAA records)
- See above
1 -
Got it now, thanks for your answer Mr.Cricket!
0 -
You're welcome!
0
Categories
- All Categories
- 5.2K Forums
- 3.5K Critical Network Services
- 468 Security
- 1.2K Asset Visibility
- Ideas Portal
- Webinars & Events
- 295 Resources
- 295 News & Announcements
- Knowledge Base
- Infoblox Documentation Portal
- Infoblox Blog
- Support Portal
- 8 Members Hub
- 4 Getting Started with Community
- 4 Community Support