How to allow FeedPress HTTPS hostname on my own domain (CAA record)?
A Certification Authority Authorization (CAA) record is a type of DNS record that allows a domain name holder to specify one or more Certification Authorities (CAs) authorized to issue certificates for that domain. CAA records are used to improve the security of a domain by preventing unauthorized CAs from issuing certificates for it.
When a CAA record prevents issuance, it is because the record is set to allow only certain CAs to issue certificates for the domain. A CA that is not listed in the CAA record will be prevented from issuing a certificate for it.
If you’re not the domain owner but you’re trying to get a certificate for a domain that has a CAA record preventing issuance, you would need to contact the domain owner or the CA listed in the CAA record for assistance.
When you enable HTTPS on your custom hostname, FeedPress generates a certificate from Let's Encrypt.
To add Let’s Encrypt in a Certification Authority Authorization (CAA) record, you need to specify Let’s Encrypt’s domain, which is letsencrypt.org, as an authorized Certification Authority (CA) for your domain.
Here’s a general step-by-step guide on how to do it:
- Log in to your domain’s DNS provider. This could be your domain registrar or a third-party DNS provider if you’re using one.
- Find the section where you can manage your domain’s DNS records.
- Add a new CAA record. The exact steps to do this will depend on your DNS provider, but generally, you’ll need to select “CAA” from a list of record types.
- In the “Name” or “Host” field, enter your domain name.
- In the “Flag” field, enter “0”. This is the standard flag for issuing certificates.
- In the “Tag” field, enter “issue”. This allows the specified CA to issue certificates for your domain.
- In the “Value” field, enter “letsencrypt.org”. This specifies Let’s Encrypt as the authorized CA.
- Save the new CAA record.
Please note that changes to DNS records can take up to 48 hours to propagate across the internet, although it’s usually much quicker.
Also, remember that the exact steps may vary depending on your DNS provider. If you’re unsure, it’s best to consult your DNS provider’s documentation or support service.
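As an added example (not FeedPress code), the Python below checks whether a set of CAA records lets Let's Encrypt issue for a custom hostname. It goes beyond the steps above by applying the RFC 8659 lookup rule, under which a hostname with no CAA records of its own inherits those of the closest parent domain. The zone lines, `other-ca.example` and the function names are constructed for illustration.

```python
import shlex

# Constructed sample records in zone-file presentation format.
SAMPLE_ZONE = """\
example.com.        3600 IN CAA 0 issue "other-ca.example"
example.com.        3600 IN CAA 0 iodef "mailto:security@example.com"
blog.example.org.   3600 IN CAA 0 issue "letsencrypt.org; validationmethods=http-01"
locked.example.net. 3600 IN CAA 0 issue ";"
"""
KNOWN_TAGS = {"issue", "issuewild", "iodef"}

def parse_caa(zone_text):
    """Return {owner_name: [(flag, tag, value), ...]} for the CAA lines in zone_text."""
    records = {}
    for line in zone_text.splitlines():
        fields = shlex.split(line)  # keeps the quoted value as one field
        if "CAA" not in fields:
            continue
        i = fields.index("CAA")
        flag, tag, value = int(fields[i + 1]), fields[i + 2].lower(), fields[i + 3]
        owner = fields[0].lower().rstrip(".")
        records.setdefault(owner, []).append((flag, tag, value))
    return records

def relevant_rrset(hostname, records):
    """Climb from hostname toward the root; the first name with CAA records applies."""
    labels = hostname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        name = ".".join(labels[i:])
        if name in records:
            return name, records[name]
    return None, []

def ca_may_issue(hostname, records, ca="letsencrypt.org"):
    """True if `ca` may issue a non-wildcard certificate for hostname."""
    _, rrset = relevant_rrset(hostname, records)
    # A critical (flag 128) property the CA does not understand blocks issuance.
    if any(flag & 128 and tag not in KNOWN_TAGS for flag, tag, _ in rrset):
        return False
    issue_values = [value for _, tag, value in rrset if tag == "issue"]
    if not issue_values:  # no CAA records, or none with the "issue" tag
        return True
    # The CA's domain is the part before any ";parameter" list.
    return any(v.split(";")[0].strip().lower() == ca for v in issue_values)

if __name__ == "__main__":
    recs = parse_caa(SAMPLE_ZONE)
    for host in ("feeds.example.com", "blog.example.org", "locked.example.net"):
        print(host, relevant_rrset(host, recs)[0], ca_may_issue(host, recs))
```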