pcx_content_type | title | weight |
---|---|---|
how-to |
Add CAA records |
6 |
{{}}
For additional security, set up Certificate Transparency Monitoring as well.
{{
}}For more technical details about CAA records, refer to the introductory blog post.
{{
}}You should create CAA records in Cloudflare if each of the following is true:
- You uploaded your own custom origin server certificate (not provisioned by Cloudflare).
- That certificate was issued by a CA (not self-signed).
- Your domain is on a full setup (not a CNAME setup).
- When adding new Custom Hostname and your customer has existing CAA records. In this case, ask your customer to remove the existing CAA records or add the missing CAA record.
{{}}
Create a CAA record for each Certificate Authority (CA) that you plan to use for your domain.
{{}} {{}}
To add a CAA record in the dashboard,
- Log in to the Cloudflare dashboard and select your account and application.
- Go to DNS > Records.
- Select Add record.
- For Type, select CAA.
- For Name, type your domain.
- Choose a Tag, which specifies the behavior associated with the record.
- For CA domain name, enter the CA name.
- Select Save.
- Repeat for each CA associated with your domain.
{{}} {{}}
To create a CAA record via the API, use this POST endpoint.
{{}} {{}}
Once you have finished creating all the records, you can review them in the list of records appearing under the DNS Records panel.