CertSimple will be shutting down on January 30 2020. Read the announcement here.

Help and FAQ ▸ What CAA records should I use for CertSimple?

CA Authorisation (CAA) records prevent a CA from issuing a certificate for your domain without your authorisation. For example, if you limit the allowed CAs to CA 1 via CAA records, and CA 2 tries to issue a certificate for your domain, CA 2 will be unable to do so.

CerSimple use DigiCert as our CA, so the record would look like this (in Bind format):

yourdomain.com.    IN    CAA    0 issue "digicert.com"

The record above ensures that only digicert.com (including CertSImple) is allowed to issue certificates for your domain. You can (and should) add other CAs you trust though - check out this excellent CAA record generator to create a custom CAA record for the CAs you trust to issue certificates for your domain.