Hello, Thanks for your reply. Here's what is in my Cloudflare record on there site: Type CAA name davemehler.com flags it has 0 with no way to edit tag allow only specific hostnames CA domain name letsencrypt.org That's what is in the record stuff I entered. On the main page it shows: CAA davemehler.com 0 issue letsencrypt.org and here's dig output, different order something is wrong: host -t CAA davemehler.com davemehler.com has CAA record 0 issue "ssl.com" davemehler.com has CAA record 0 issue "digicert.com; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "digicert.com; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "comodoca.com" davemehler.com has CAA record 0 issue "letsencrypt.org" davemehler.com has CAA record 0 issuewild "ssl.com" davemehler.com has CAA record 0 issuewild "letsencrypt.org" davemehler.com has CAA record 0 issue "comodoca.com" davemehler.com has CAA record 0 issuewild "pki.goog; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issue "pki.goog; cansignhttpexchanges=yes" host -t CAA davemehler.com davemehler.com has CAA record 0 issue "letsencrypt.org" davemehler.com has CAA record 0 issuewild "digicert.com; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issue "pki.goog; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "pki.goog; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "comodoca.com" davemehler.com has CAA record 0 issue "comodoca.com" davemehler.com has CAA record 0 issue "ssl.com" davemehler.com has CAA record 0 issue "digicert.com; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "letsencrypt.org" davemehler.com has CAA record 0 issuewild "ssl.com" host -t CAA davemehler.com davemehler.com has CAA record 0 issue "ssl.com" davemehler.com has CAA record 0 issuewild "pki.goog; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issue "digicert.com; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "digicert.com; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issue "letsencrypt.org" davemehler.com has CAA record 0 issue "comodoca.com" davemehler.com has CAA record 0 issuewild "comodoca.com" davemehler.com has CAA record 0 issuewild "letsencrypt.org" davemehler.com has CAA record 0 issue "pki.goog; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "ssl.com" host -t CAA davemehler.com davemehler.com has CAA record 0 issue "letsencrypt.org" davemehler.com has CAA record 0 issue "comodoca.com" davemehler.com has CAA record 0 issuewild "digicert.com; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "letsencrypt.org" davemehler.com has CAA record 0 issuewild "ssl.com" davemehler.com has CAA record 0 issue "digicert.com; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issue "pki.goog; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issue "ssl.com" davemehler.com has CAA record 0 issuewild "pki.goog; cansignhttpexchanges=yes" davemehler.com has CAA record 0 issuewild "comodoca.com" Thanks. Dave. On 6/26/2024 11:53 AM, Andrew Hodgson via Blind-sysadmins wrote:
Hi.
What record did you think you added and what is a Dig coming back with?
Thanks. Andrew.
-----Original Message----- From: David Mehler via Blind-sysadmins <blind-sysadmins@lists.hodgsonfamily.org> Sent: Wednesday, June 26, 2024 4:48 PM To: blind-sysadmins@lists.hodgsonfamily.org Cc: David Mehler <dave.mehler@gmail.com> Subject: [Blind-sysadmins] Cloudflare DNS Provider and CAA records?
Hello,
If anyone is using cloudflare as there DNS provider and uses a CAA record please contact me? I atempted to do one on my other domain intending for only letsencrypt to be able to issue certificates for my domain, a dig check reveals many other providers that I didn't authorize.
Obviously I did something wrong.
Thanks. Dave.
-- Sent from Mozilla Thunderbird 91.13.1 _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org
-- Sent from Mozilla Thunderbird 91.13.1