Verify which Certificate Authorities are permitted to issue SSL/TLS certificates for your domain.
CAA (Certification Authority Authorization) records are a DNS security mechanism that restricts which CAs can issue SSL/TLS certificates for your domain.
Without CAA records, any CA in the world can potentially issue a certificate for your domain. Adding CAA records significantly reduces the risk of mis-issuance.
Want a full security audit of your site? Run a full site scan →