2017 年 9 月 8 日,在可以發行憑證給要求者前,檢查、處理和遵守網域的 DNS 憑證授權單位 (CAA) 資源記錄 (RR) 需要憑證授權單位 (CA)。
註:DigiCert 發行您的網域的憑證不需要CAA 資源記錄。所提供的與這些記錄有關的資訊,僅在您已經有設定用於您的任何網域的 CAA 資源記錄,或如果您要新增您的網域的 CAA 資源記錄時重要。
發行憑證前,CA 會檢查 CAA RR 以規定他們是否可以發行網域用的憑證。符合以下其中一個條件時,CA 可以發行網域的憑證:
如果您有或計畫建立您的網域的 DNS CAA RR,確定您的記錄是最新的與準確是一件重要的事。在 DigiCert,我們建議檢查您的網域的現有 DNS CAA RR,以確認您有授權用於發行每個網域的憑證的每個 CA 所必需的記錄。我們也建議那些建立新 DNS CAA RR 者瞭解程序如何運作,這樣您不會意外阻止 CA 發行需要「盡快」的憑證。
如需更多資訊,請瀏覽 DNS CAA 資源記錄檢查 (https://www.digicert.com/dns-caa-rr-check.htm)。
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.