Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Getting Started

Reply

SSL certificate for domain but only allowed to provide a SSL certificate when the CAA is present

[ Edited ]
connecttt
Techie
Posts: 9

‎02-03-2021 03:50 AM - edited ‎02-19-2021 06:50 AM

1871     0

Hi,

 

We need to order a SSL certificate for domain e.g. selfcare-pre.onenet.onenet.de, when we do the request at the Certificate Authority (e.g. DigiCert) they will do a DNS query on this specific domain for the CAA record and are only allowed to provide a SSL certificate when the CAA record is present.

 

At this point only a CNAME record is present and what we need is that also a CAA record will be added to the domain (see highlighted entry).

 

;QUESTION

selfcare-pre.onenet.onenet.de. IN CAA

;ANSWER

selfcare-pre.onenet.onenet.de. 114 IN CNAME pdzmz27.x.incapdns.net.

selfcare-pre.onenet.onenet.de. 21599 IN CAA 128 issue "digicert.com"

 

may you advise us here ?

 

Regards and Thanks

Labels:
Reply
0 Kudos

Re: SSL certificate for domain but only allowed to provide a SSL certificate when the CAA is present
connecttt
Techie
Posts: 9

‎02-19-2021 06:50 AM

1872     0

any ideas here ?

Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Infoblox Experts Community

You have reached the maximum number of topics allowed as a visitor. Please Login or Join the community to continue to read.

Join for free

TOPICS REMAINING

Register for unlimited browsing. Registration is FREE.

Join Community