Erik73
New Pleskian
Hi guys,
the news said that since a few days it became mandatory for the certificate authorities to check if there is a special DNS entry "type CAA" that allows or denies them to issue a certificate for a domain. Sounds like a good idea to me to for example allow the issuance only for beloved Let’s Encrpt and deny all other CAs.
Here an article about CAA:
DNS Certification Authority Authorization - Wikipedia
In the latest version of Plesk Onyx for Linux I tried to add this type of DNS record to a domain but could not find the required CAA type. Am I missing something? Is there another way to create this kind of record? Otherwise I would like to suggest that Plesk adds a possibility to use CAA type DNS records. I read that this is especially very useful in conjunction with the already available DNSSEC.
Thank you for your attention!
the news said that since a few days it became mandatory for the certificate authorities to check if there is a special DNS entry "type CAA" that allows or denies them to issue a certificate for a domain. Sounds like a good idea to me to for example allow the issuance only for beloved Let’s Encrpt and deny all other CAs.
Here an article about CAA:
DNS Certification Authority Authorization - Wikipedia
In the latest version of Plesk Onyx for Linux I tried to add this type of DNS record to a domain but could not find the required CAA type. Am I missing something? Is there another way to create this kind of record? Otherwise I would like to suggest that Plesk adds a possibility to use CAA type DNS records. I read that this is especially very useful in conjunction with the already available DNSSEC.
Thank you for your attention!