Overview

CAA is an Internet security strategy that stops unauthorized users from generating false SSL/TLS certificates. A website owner can use a CAA Policy records to define which Certificate Authorities (CAs) are allowed to issue certificates.

If your nameservers are pointed to GreggHost

You can add CAA Policy records to your panel if your nameservers are currently pointed to GreggHost and you want to use them. Instructions can be found in the following article:

Customizing CAA records

If your nameservers are NOT pointed to GreggHost

If your nameservers are not currently pointing to GreggHost and you want to use CAA records for your GreggHost-hosted domain, you must create the CAA Policy records at the firm where your nameservers are now pointing.

Make sure your CAA records are compatible with GreggHost before adding an SSL certificate to your domain in your GreggHost panel. There are two possibilities available to you.

Remove all CAA records from your existing hosting provider.
Keep your current hosting company’s CAA records, but remove any conflicting CAA information before adding an SSL certificate to the GreggHost panel.
If you decide to keep your CAA records, be sure to only include the records listed below. If you’re buying a Sectigo or Let’s Encrypt certificate through GreggHost, the CAA record you add will be different.

Add these if you’re purchasing Sectigo SSL from GreggHost

usertrust.com
trust-provider.com
sectigo.com

Add the following if you’re purchasing a Let’s Encrypt SSL from GreggHost

letsencrypt.org

Managing CAA records at GreggHost

For additional details on how to create CAA records in the GreggHost panel, see the following article.

Customizing DNS records