Hi, I have been trying to create and add a CAA to a DNS record but can't seem find out how to do this! i am trying it with Ubuntu 18.04 and ISPConfig Version: 3.1.13. Thanks you in Advance Regards, Shaun
ISPConfig 3.1.13 does not support CAA records. support for these records is already in GIT in the master branch for the 3.2 release though.
I have seen that, but i rather wait for official support if its in reasonable timeframe. (Or is this the official version that will come to 3.2 ? Can it interfere ?)
Hello, Using 3.1.15p3 We are in need to add a CA issuer. Is florian030 patch the only available solution at this time ? Won't it interfere with a 3.2 upgrade ? Thanks for your time. Nicolas EDIT : no nightlies or betas on this ISP setup
Have you try git-stable because other than stable version it should also be stable enough for production server and you can also revert back to stable if something is wrong with that version.
Please create a new post instead of taking over a old thread. CAA records are supported, to add a new issuer, see https://www.howtoforge.com/communit...dd-cca-dns-record-for-ssl-certauthrity.84595/ If it is a public CA that others could issue aswell, let us know so we can eventually add it to the UI in a future update.
The current git-stable is not 100% stable and you can't take the guess that downgrading works (it can cause issues for example because the database is altered). So don't upgrade to git-nightly or git-develop (former git-stable) on a production system.
Thank God! This announcement should be made to all users since previously we were advised in here that it was safe to upgrade to it. And it also should be removed totally from ISPConfig update script.
Upgrading is relatively safe but downgrading is not. And afaik we have always told users that upgrading to git-develop is not a good idea for production systems. It should not be removed from the script as it is used by devs and beta testers. There is a clear warning when trying to upgrade to a git version.
ISPConfig 3.2 has not even be released as final, and it is obvious that you don't use a beta on a production system. Besides that, all release notes tell you that: https://www.ispconfig.org/blog/ispconfig-3-2-beta-3-released/ I'll cite: You can't update to 3.2 using the update script by choosing stable as update source.
Hello, Sorry about the Post mistake... CA is public : sectigo.com Thanks if you can add it in ISPConfig, I'll add it to database as you described. Thanks all for your answers !
Sectigo is actually included, see this discussion: https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5588
I was talking and replying about git-stable option and not others. I also can quote where update to it is claimed as safe in this forum.
The git-stable option in ispconfig_update.sh on ISPConfig 3.1 systems downloads the old 3.1-stable branch and not ISPConfig 3.2.
