Release Note

Validated on 13 Sep 2017 • Last edited on 24 Jan 2025

Domain Record resources have been updated to add support for CAA records. As specified in RFC-6844, this record type can be used to specify which certificate authorities (CAs) are permitted to issue certificates for a domain.

For example, in order to restrict TLS/SSL certificate creation for example.com to letsencrypt.org, you would use a request like:

  curl -X POST \
  -d '{"type":"CAA","name":"@","data":"letsencrypt.org.","priority":null,"port":null,"ttl":1800,"flags":0,"tag":"issue"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  https://api.digitalocean.com/v2/domains/example.com/records

For more information on how to use CAA records, see this tutorial on our community site.

We can't find any results for your search.

Try using different keywords or simplifying your search terms.