Edit a domain’s CAA DNS record to get RapidSSL Partner certificates

Solution ID:    SO28449    Updated:    08/17/2017

Solution

To get RapidSSL certificates for your domain, update the CAA DNS Resource Record to state that RapidSSL is approved to issue certificates for your domain.

The registered domain owner must update the CAA DNS zone file to add RapidSSL as an approved CA in a CAA DNS record. You can find information about how to access and edit the CAA DNS zone file for the domain by contacting the domain’s registrar.

  1. Open the CAA DNS zone file for editing.
  2. Under $ORIGIN rapidssl.com, add the line:  CAA 0 issue “rapidssl.com” as follows:
    $ORIGIN rapidssl.com
    . CAA 0 issue "rapidssl.com"
  3. On your certificate's Order Information page in RapidSSL Partner Center, click Recheck CAA. If the check succeeds, your order is processed normally.


The single CAA record applies to all web servers in your domain, for example www.rapidssl.com, shop.rapidssl.com, checkout.rapidssl.com, etc.

What is CAA?
Certification Authority Authorization (CAA) allows a website owner to specify the Certificate Authorities that are authorized to issue certificates for that domain or website. For additional information on CAA see Certification Authority Authorization (CAA)

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Find Answers


Search Tips