Help and FAQ ▸ What CAA records should I use for CertSimple?

CA Authorisation (CAA) records prevent a CA from issuing a certificate for your domain without your authorisation. For example, if you limit the allowed CAs to CA 1 via CAA records, and CA 2 tries to issue a certificate for your domain, CA 2 will be unable to do so.

CerSimple use DigiCert as our CA, so the record would look like this (in Bind format):    IN    CAA    0 issue ""

The record above ensures that only (including CertSImple) is allowed to issue certificates for your domain. You can (and should) add other CAs you trust though - check out this excellent CAA record generator to create a custom CAA record for the CAs you trust to issue certificates for your domain.