Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2017-09-12 16:35:53.0

How to add a Certification Authority Authorization (CAA) record to your DNS zone file

Article Number: 70638

User-added image

If you use a hosted DNS service, please refer to this article.

Pre-requirement:
You must know which syntax to use when configuring your DNS zone file. This depends on your DNS. Please see the table below to determine the syntax type to use when configuring your CAA record. Or, for a complete guide to adding a CAA record, please select the link relating to your DNS.
 
Syntax TypeDNS Product
Standard BINDBIND 9.9.6 and higher
PowerDNS 4.0.0 and higher
NSD 4.0.1 and higher
Knot DNS 2.2.0 and higher
Simple DNS Plus 6
Windows Server 2016
Legacy BIND

Any version prior to BIND 9.9.6
Any version prior to NSD 4.0.1

Generic Google Cloud DNS


General How-To: Adding Entrust to your CAA record

1. Open your domain's DNS zone file in Notepad. (Note that how you access your DNS records depends on where your domain is registered. If you are using a hosted DNS service please see our technote on how to access your DNS record here.)


2. You will have to configure the file to determine the CA(s) you wish to include your CAA record. Note that only adding one CA will limit issuance of SSL/TLS certificates on that domain to just that CA. Also note that domains may have more than one CA listed in a CAA record.

In order to add Entrust to your CAA record, add the below to your DNS zone file (please be sure to select the correct syntax):

*using "example.com" as the domain name
 
Standard BIND Zone File
example.com.       CAA       0 issue "entrust.net"
Legacy BIND Zone File
example.com.        TYPE257 \# 18 00056973737565656E74727573742E6E6574
Generic
0 issue "entrust.net"
This CAA record will indicate that Entrust is the authorized CA for domain.com and all subdomains. If a subdomain requires a different authorized CA, then a CAA record can be created separately for that subdomain.

3. Save your zone file and exit Notepad.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance: 

Hours of Operation: 
Sunday 8:00 PM ET to Friday 8:00 PM ET 
North America (toll free): 1-866-267-9297 
Outside North America: 1-613-270-2680 (or see the list below) 
NOTE: Smart Phone users may use the 1-800 numbers shown in the table below.
Otherwise, it is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call. 

CountryNumber
Australia0011 - 800-3687-7863
1-800-767-513
Austria00 - 800-3687-7863
Belgium00 - 800-3687-7863
Denmark00 - 800-3687-7863
Finland990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France00 - 800-3687-7863
Germany00 - 800-3687-7863
Hong Kong001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland00 - 800-3687-7863
Israel014 - 800-3687-7863
Italy00 - 800-3687-7863
Japan001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia00 - 800-3687-7863
Netherlands00 - 800-3687-7863
New Zealand00 - 800-3687-7863
0800-4413101
Norway00 - 800-3687-7863
Singapore001 - 800-3687-7863
Spain00 - 800-3687-7863
Sweden00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland00 - 800-3687-7863
Taiwan00 - 800-3687-7863
United Kingdom00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088

Affected Products:

  • Entrust Authority Security Manager 7.1 English Solaris
  • Entrust Authority Security Manager 7.1 English Windows

Error Codes:

-2298