Nowadays, SSL Certificate becomes a crucial part of the internet and business. SSL Certificate encrypts sensitive information and makes your visitors or customers trust your website more. Which result in boosting your sales and improve your website ranking in Search Engine.
Purchasing SSL certificate is simple. You just have to validate by verifying your identity to the Certificate Authority (CA) based on the type of your SSL Certificate.
Here's what's happening. Effective This September 2017, the new validation method called CAA Record Checking becomes mandatory. All Certificate Authorities require to check and process a domain name’s DNS Certification Authority Authorization (CAA) Resource record before issuing a certificate.
CAA Resource record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain. CAA Resource Records, the new requirement in SSL validation process, allow a Certification Authority to implement additional controls to reduce the risk of unintended certificate mis-issue.
The DNS CAA Resource Records look like this:
Current SSL Certificates that already active won't be affected by this new proposal, but if there is a re-issuing of those active SSL Certificates after September 2017, the CAA Record checking is mandatory as well.