Create CAA DNS record tha...
Create CAA DNS record that support any sub-domain
- Accueil
- Espace Client
- Community Forum
- Services
- Dynamic DNS Service
- Create CAA DNS record that support any sub-domain
- Community Forum
- Create CAA DNS record that support any sub-domain
Topic: Create CAA DNS record that support any sub-domain
Here is my domain: dandelionsystem.my
DNSSEC: enabled
I created 2 CAA dns record as follow:
Node: <blank>
Type: CAA
TTL: 120
Flags: 0
Tag: issue
Value: letsencrypt.org
Node: www
Type: CAA
TTL: 120
Flags: 0
Tag: issue
Value: letsencrypt.org
at my web server, I am able to create Let's Encrypt SSL for the following:
dandelionsystem.my
www.dandelionsystem.my
however, when I try to create SSL for test2.dandelionsystem.my
I received error message as follow:
{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: SERVFAIL looking up CAA for test2.dandelionsystem.my - the domain\u0027s nameservers may be malfunctioning","status":400,"instance":null}
if I tried to create another CAA:
Node: test2
Type: CAA
TTL: 120
Flags: 0
Tag: issue
Value: letsencrypt.org
then it works, the SSL created successfully.
My question is, how to set the CAA, so that I won't have to create new CAA for every new sub-domain?
Is it able to create single CAA that allows Let's Encrypt SSL to install on new sub-domain (without creating additional CAA)?
thanks.
DNSSEC: enabled
I created 2 CAA dns record as follow:
Node: <blank>
Type: CAA
TTL: 120
Flags: 0
Tag: issue
Value: letsencrypt.org
Node: www
Type: CAA
TTL: 120
Flags: 0
Tag: issue
Value: letsencrypt.org
at my web server, I am able to create Let's Encrypt SSL for the following:
dandelionsystem.my
www.dandelionsystem.my
however, when I try to create SSL for test2.dandelionsystem.my
I received error message as follow:
{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: SERVFAIL looking up CAA for test2.dandelionsystem.my - the domain\u0027s nameservers may be malfunctioning","status":400,"instance":null}
if I tried to create another CAA:
Node: test2
Type: CAA
TTL: 120
Flags: 0
Tag: issue
Value: letsencrypt.org
then it works, the SSL created successfully.
My question is, how to set the CAA, so that I won't have to create new CAA for every new sub-domain?
Is it able to create single CAA that allows Let's Encrypt SSL to install on new sub-domain (without creating additional CAA)?
thanks.
Reply with quote |Report
CAA record tutorial can be found at https://www.dynu.com/Resources/DNS-Records/CAA-Record. For subdomains, @ 10800 IN CAA 0 issuewild "letsencrypt.org"
Reply with quote |Report
| Author | Topic: Create CAA DNS record that support any sub-domain |
|---|---|
|
mjb2019 Joined: 21/11/2019 
|
Create CAA DNS record that support any sub-domainjeudi 30 mars 2023 20:53
Here is my domain: dandelionsystem.my
DNSSEC: enabled I created 2 CAA dns record as follow: Node: <blank> Type: CAA TTL: 120 Flags: 0 Tag: issue Value: letsencrypt.org Node: www Type: CAA TTL: 120 Flags: 0 Tag: issue Value: letsencrypt.org at my web server, I am able to create Let's Encrypt SSL for the following: dandelionsystem.my www.dandelionsystem.my however, when I try to create SSL for test2.dandelionsystem.my I received error message as follow: {"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: SERVFAIL looking up CAA for test2.dandelionsystem.my - the domain\u0027s nameservers may be malfunctioning","status":400,"instance":null} if I tried to create another CAA: Node: test2 Type: CAA TTL: 120 Flags: 0 Tag: issue Value: letsencrypt.org then it works, the SSL created successfully. My question is, how to set the CAA, so that I won't have to create new CAA for every new sub-domain? Is it able to create single CAA that allows Let's Encrypt SSL to install on new sub-domain (without creating additional CAA)? thanks. |
|
timothytw Joined: 02/05/2002 
|
Create CAA DNS record that support any sub-domain lundi 10 avril 2023 00:15
CAA record tutorial can be found at https://www.dynu.com/Resources/DNS-Records/CAA-Record. For subdomains, @ 10800 IN CAA 0 issuewild "letsencrypt.org"
|
It is currently samedi 13 juin 2026 12:15 US Mountain Standard Time
samedi 13 juin 2026 12:15