-
Notifications
You must be signed in to change notification settings - Fork 53
TWA 0602
"Domain doesn't specify any valid issuers"
The twa script loads and parses the Certificate Authority Authorization (CAA) record from the Domain Name Server (DNS). A domain owner specifies in the CAA record which Certificate Authorities (CAs) are allowed to issue certificates containing the domain name.
Inside the CAA record an issue property specifies a Certificate Authority which is allowed to generate TLS certificates for the domain.
More than one issue tag could be in a CAA record.
Here the twa script has not found an issue tag in the CAA record and printed the message TWA-0602.
At least one issue tag is needed to get an TLS certification.
Correct the content of the CAA record. Specify the Certificate Authority which have generated the current TLS certification file.
The CAA Record Helper could be used to generate a correct CAA record.