README
¶
CAA Validator
CAA Validator is a Go package and command line utility for fetching and validating CAA Certificate Authority Authorization records from DNS.
Getting Started
Setup
Grab the latest binary from the releases page.
To build from source or hack on CAA Validator, you can install via go get:
go get -u github.com/jamescun/caa/cmd
Usage
To fetch all CAA records associated with the domain www.digicert.com, run:
$ caa www.digicert.com
CAA Records for www.digicert.com
digicert.com.
issuewild digicert.com
issue digicert.com
This will fetch all CAA records associated with www.digicert.com, digicert.com and com using Google DNS.
To use a resolver other than Google DNS (inheriting system resolver is TODO), such as OpenDNS, apply the --resolver option:
$ caa --resolver=208.67.222.222 www.digicert.com
CAA Records for www.digicert.com
digicert.com.
issuewild digicert.com
issue digicert.com
To output JSON as opposed to a human readable output, apply the --json option:
$ caa --json www.digicert.com
{
"records":[
{
"name":"digicert.com.",
"issuers":[
{
"name":"digicert.com",
"wildcard":false,
"critical":false
},
{
"name":"digicert.com",
"wildcard":true,
"critical":false
}
]
}
]
}
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var Resolver = "8.8.8.8:53"
Resolver is the default DNS resolver for CAA Lookups.
Functions ¶
This section is empty.
Types ¶
type Issuer ¶
type Issuer struct {
Name string `json:"name"`
Wildcard bool `json:"wildcard"`
Critical bool `json:"critical"`
}
Issuer is a certificate authority that is authorized to issue certificates for a domain.
type Record ¶
type Record struct {
Name string `json:"name"`
Issuers []Issuer `json:"issuers,omitempty"`
Reports []string `json:"reports,omitempty"`
}
Record is the contents of all CAA related records on a domain.
Source Files
Directories