Skip to main content

How to add a Certification Authority Authorization (CAA) record using TinyDNS

User-added image

Requirements:

- TinyDNS software from DjbDns

-  Linux OS with TinyDNs installed (in this example using Debian Linux version 9)

- DNS Server has been setup and function properly

There is a video for this process.

Here is the process:

1. Login to your DNS server.

2. Launch the terminal. Login as superuser type:

$ su –

You will be prompted for the password for your superuser. Type the password and you will be on the root prompt.

3. Locate your DNS zone data file. This file by default is located under /service/tinydns/root . The default zone data filename is data.

Example:

User-added image

4. WARNING ! Before you continue to the step below, please make sure you make a copy of your working data zone file in order to avoid any mishap happened.

Edit the zone file using the line text editor tool such as nano or vi.

Example:

nano /service/tinydns/root/data

Or if you have already inside the service/tinydns/root/ directory, just type:

Nano data

User-added image

The DNS zone data file will open. You should see some entries already exist within the file:

User-added image

5. Go to the last line and hit the Enter button on your keyboard to begin a new empty line.

User-added image

6. Copy and paste the entry below to the empty line space to add Entrust as the authorized Certification Authority for this record. To add a different Certification Authority, please use the related code (see our technote here ).

:yourdomain.com:257:\000\005\151\163\163\165\145\145\156\164\162\165\163\164\056\156\145\164

(Note: replace "yourdomain.com" with your zone file domain name)

User-added image

7. Press Crtl-X to save the modification. Answer Yes, and then hit Enter to overwrite the change into the file.

User-added image

User-added image

8. Now, re-compile your zone data by entering the command below:

make

User-added image

Note: Before you run the command, please make sure you are inside the directory where your zone data file is located. In this example /service/tinydns/root.

At this point you have successfully added your CAA record.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list here )