Closed virtual-machinist closed 7 years ago
I wonder what "may fail" means. You can't simply add it because it's a new type of record and ydns seems to only manage A, AAAA and TXT.
Yes, hence this issue. AFAIK CAA record support was added in PowerDNS last spring. If it's what ydns uses, it's a matter of exposing the record setting in the user interface.
@commx?
Right, we're using PowerDNS. We recently switched to 4.x which introduced that record type. It's just a matter of adding that feature to the web UI, which could be done pretty quickly.
YDNS supports way more record types than just A, AAAA and TXT - the limitation is currently active for hosts only. For own domains, you can add way more record types via the "Records" management feature.
I'm seeing this mail from Let's Encrypt for the very first time. Looks like they're enforcing stricter rules for their certs from time to time; adding appropriate support for the CAA RR type on YDNS will follow soon. I'll keep you updated here.
CAA support has been added with basic validation (for record management and hosts). Make sure content yields something like:
0 issue "ca.example.net"
If you encounter any problems with that, let me know.
dig @8.8.8.8 +short -t caa myhost.ydns.eu
seems to report what I've entered through the UI as well. Thanks for a very fast response!
Anyone could elaborate how to add a CAA record? On UI I can't see it, neither in the updater. @commx?
Anyone could elaborate how to add a CAA record? On UI I can't see it, neither in the updater. @commx?
If you have no host yet, create one (on the "My Hosts" page). Then click your host from the My Hosts page and click "Add Record" on the top. You can select CAA for the record type and the corresponding content.
I'm working on a simpler way to enable CAA records for hosts, but that's probably part of a larget set of updates.
Thank you @commx!
@commx in the hosts section there is no more "add record" button at the top there is only a "delete" button how can you add a CAA record now?
@zalessky the button was somehow not displayed anymore. It has been fixed now, thanks for reporting.
I use Let's Encrypt free certificate authority. Recently they sent me an email, starting like
Is there any way to comply with their requirement? I imagine many ydns.io users have also set up free SSL this way.