How do I set the CAA Record

app.layer0.co Let’s Encrypt TLS configuration seems to indicate that the CAA record should be set with
tag: "issue", flags: "0", value: letsencrypt.org

as you can see here:

Screen Shot 2021-12-23 at 3.30.39 PM908×551 40.1 KB

However, Google indicates that it should be set to 0 issue letsencrypt.org as you can see here:

from Resource record types - Google Domains Help

Which is it? Does it matter?

Here’s how I’ve done it for my website “rishi.app” on Google Domains.

Screenshot 2021-12-27 at 1.52.26 AM1956×128 37.9 KB

I think both refer to the same thing, it’s how the format of CAA in a string looks like.

To set the CAA record is quite easy for everyone. If you follow this stratedy:

1. Open your CloudFlare account and log in.

2. Select the pertinent webpage.

3. The “DNS” icon is located at the top of the page.

4. Click the “Add” record button in the DNS Records panel.

5. Decide on “CAA” in the Type area.

6. Enter the appropriate subdomain (or for the domain name alone) in the “Name” text field.

7. 1. Enter 0 in the “Flag” column.
8. 2. Select “Only allow specified hostnames” (or “Only allow wildcards” to permit the issuing of wildcard certificates) in the “Tag” section. In this instance, be careful to also establish a “Only accept particular hostnames” record.
9. 4. To store your CAA record, click the “Save” button.