Update configure-ssl-certificate.md

[Ramyaharinarthini]

Added about CAA records in the document at the line 94

++NOTE: Checking CAA Records Another thing to be noted is CAA record.

CAA is a record in DNS that declares which provider is allowed to issue certificate for this domain. If domain has CAA record value other than GoDaddy, GoDaddy will reject issuing certificate for this domain. We can check CAA in digwebinterface. If CAA record is empty, it will allow all providers like Godaddy, Digicert, etc to issue the certificate. But if CAA record has been set, then it should also be set for GoDaddy for certificate purchase to be allowed.

CAA records for multiple subdomains are checked in sequence. Let's says you are trying to issue a certificate to sub1.my.contoso.com . The initial check will be sub1.my.contoso.com , than my.contoso.com , than contoso.com until we find a CAA record. If a sublevel contains a value, the root won't be checked and a CAA record at this level should be created.

For standard certificate, CAA record should be - issue "godaddy.com". For wildcard certificate, CAA record should be - issuewild "godaddy.com".

[prmerger-automator[bot]]

@Ramyaharinarthini : Thanks for your contribution! The author(s) have been notified to review your proposed change.

[learn-build-service-prod[bot]]

Learn Build status updates of commit 91201f7:

:white_check_mark: Validation status: passed

File	Status	Preview URL	Details
articles/app-service/configure-ssl-certificate.md	:white_check_mark:Succeeded

For more details, please refer to the build report.

For any questions, please:

• Try searching the learn.microsoft.com contributor guides
• Post your question in the Learn support channel

[ShannonLeavitt]

@msangapu-msft

Can you review the proposed changes?

IMPORTANT: When the changes are ready for publication, adding a #sign-off comment is the best way to signal that the PR is ready for the review team to merge.

label:"aq-pr-triaged"

@MicrosoftDocs/public-repo-pr-review-team