New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document CAA record when using CNAME alias #54715
Comments
@dimaqq Thanks for the feedback. We are looking into this and will get back to you shortly. |
@dimaqq do you have a support request or additional info to go along with this? There is a note in this doc that speaks of the CAA requirements for this to work. |
The doc mentions CAA record in a different context: a pre-existing CAA record. I feel that the doc may not be fully correct: if there's a |
@dimaqq Have you tried adding digicert as a ca via a CAA record with Route 53? |
Route53 rightfully disallows having both Reference: https://serverfault.com/a/885955 |
More tech details: https://cabforum.org/2017/09/27/ballot-214-caa-discovery-cname-errata/ In short, if I alias
So there are 2 ways too set
|
Assigning to PM for review #reassign:@amitsriva |
#reassign: gunjanj |
Thank you for you dedication to our documentation.Unfortunately, we have been unable to review this issue in a timely manner. We sincerely apologize for the delayed response. We are closing this issue. If you feel that the problem persists, please respond to this issue with additional information. Please continue to provide feedback about the documentation. We appreciate your contributions to our community. #please-close |
I have an azure cdn profile and the cdn endpoint set up.
It has a custom domain with HTTPS and "CDN managed" certificate.
The domain record is external (aws route53), where a
CNAME
alias is set to point to azure cdn endpoint.As far as I understand the
CAA
record in such set up cannot be issued on my custom domain, rather it should be issued on the cdn endpoint hostname.There's nothing in the docs about this.
Also, it would be neat when "CDN managed" certificate is validated using
CNAME
record, azure also issued theCAA
record for the certificate it issues.Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
The text was updated successfully, but these errors were encountered: