This article explains how to add a CAA record to Virtualmin if you’re hosting a domain at ServerPilot but still manage the DNS with Virtualmin.
The following gotchas were encountered:
- Virtualmin’s default CAA record if it exists can’t be seen in the UI. You have to use service like WhatsMyDNS or dig deeper..
- The default Virtualmin record has
- Virtualmin’s Edit Records will show you the CAA record. However, if you are pointing to another server, in spite of choosing no to validation for records on saving, the UI will block the update with a invalid IP address for the main A record.
- You have to use Webmin to edit the record instead where it’s easily saved.
Here is a useful command to check your work afterwards:
# dig +nocmd +noall +answer +ttlid CAA example.com example.com. 3528 IN CAA 0 issue "letsencrypt.org"
What’s cool about the above command is the output also shows the TTL for the DNS record, in this case, 3528 seconds.