[Pdns-users] CAA Records
curtis at maurand.com
Sun Aug 13 17:40:53 UTC 2017
I have a ton of websites running letsencrypt. That's great, I like it,
but starting in April they started requiring CAA records. A new record
to be sure and, according to the docs, it is supported. There is nothing
in the docs about how to construct the record.
I'm running PDNS 4.04 which I compiled from the sources on Ubuntu 16.04
I've tried adding the record directly into the database by sql. head for
a caa checker and no dice.
I've added the record so far as:
deacon.xyonet.com 3600 IN CAA 0 issue "letsencrypt.org"
I've entered in this generic way. There is no documentation that says
to format it any differently for pdns.
I had to change my primary DNS server late last night, should I just
wait another day or two for this all to settle down? I haven't
reconciled the dnssec piece, yet. Just trying to get website going
after a not so very smooth migration that's just been trouble all the way.
The tools that I've found (nslookup, dig, etc) so far don't allow me to
query CAA records. the pdns-util parser is telling me the record is
OK, but at this point, since none of the online tools can look it up,
I'm thinking their might be something that I'm doing wrong.
If anyone has any advice on how to proceed, that would be greatly
All the online testers are coming up with nothing. I've verified that
the record exists in both databases (primary and slave).
thanks in advance,
curtis at maurand.com <mailto:curtis at maurand.com>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pdns-users