Speed up SSL issuance
GoGetSSL® offers fastest issuance of SSL due to use of LEI code and API automation. Legal Entity Identifier (LEI) is a global identity code, just like DUNS. Learn how LEI works.
CAA (Certification Authority Authorization) is a new type of DNS record designed to identify certification authorities that are allowed to issue SSL / TLS certificates for a specific domain name or subdomain.
The largest and most popular certificate authorities agreed that starting from September 8, 2017, it is mandatory to strictly follow the instructions specified in the CAA records of the domain name or subdomain for which certificate issuance is requested.
Using a CAA record will increase the level of security on the Internet and reduce the occurrence of unauthorized obtaining certificates for third-party domain names.
Here is a detailed instruction that explains the capabilities of the CAA record and the format of its use.
The CAA record value consists of three parts, separated by a space:
CAA <flags> <tag> <value>
The flag value is an 8-bit number, the high bit of which indicates the criticality of the record by the certification authority. The following values are currently valid:
The tag value can take one of the following values:
The value depends on the tag value and must be enclosed in double quotation marks (""). Some certificate authorities allow you to use additional parameters for the value. In this case, the parameters must be separated by a semicolon (;).
Example: 0 issue "sectigo.com; account = 12345"
Example: example.tld. CAA 0 issue "sectigo.com" Example: example.tld. CAA 0 issue ";"
Example: example.tld. CAA 0 issuewild "sectigo.com" Example: example.tld. CAA 0 issuewild ";"
Example: example.tld. CAA 0 iodef "mailto: abuse@example.com"
Here are the most common methods to check CAA records:
dig example.tld caa
Get a Domain Validation SSL certificate within just 5 minutes using our friendly and automated system. No paperwork, callback or company required.
Found a better price? We will match it - guaranteed. Get the best possible price in the World with us. The correct place to save your money.
Try 90-day Trial SSL Certificate before the real purchase to test cert's functionality. 99.9% browser and mobile support. Free reissues.
Customer satisfaction is our major concern. Get a full refund within 30 days for any purchase of SSL certificates with 100% guarantee.
GoGetSSL® offers fastest issuance of SSL due to use of LEI code and API automation. Legal Entity Identifier (LEI) is a global identity code, just like DUNS. Learn how LEI works.