Skip to content

feat: add notes about CAA records to custom domains#665

Merged
onderay merged 2 commits intokinde-oss:mainfrom
coel:leo/caa
Feb 13, 2026
Merged

feat: add notes about CAA records to custom domains#665
onderay merged 2 commits intokinde-oss:mainfrom
coel:leo/caa

Conversation

@coel
Copy link
Member

@coel coel commented Feb 11, 2026
edited
Loading

Description (required)

There has been an increase in customers with CAA records set preventing certificate issuance, so add explicit notes about CAA records to custom domain documentation.

These changes were written by Cursor, prompts:

Add a section to our custom domain documentation about CAA records and the need to add our two providers - ZeroSSL and Let's Encrypt.

Please include sample CAA records, for ZeroSSL the domain is sectigo.com and for Let's Encrypt it is letsencrypt.org

Summary by CodeRabbit

  • Documentation
    • Added comprehensive guidance on Certificate Authority Authorization (CAA) records configuration, enabling proper SSL certificate provisioning and renewal. Updated documentation includes detailed examples, configuration tables, and best practices for authorizing certificate authorities during domain setup, covering scenarios with single or multiple CAs.

@coel coel requested a review from a team as a code owner February 11, 2026 04:50
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 11, 2026
edited
Loading

Walkthrough

This PR adds CAA (Certificate Authority Authorization) guidance to domain configuration documentation. Both files receive instructions clarifying that SSL certificate provisioning must authorize ZeroSSL and Let's Encrypt as valid Certificate Authorities, with supporting references and configuration examples.

Changes

Cohort / File(s) Summary
Documentation Updates
src/content/docs/build/domains/organization-custom-domain.mdx, src/content/docs/build/domains/pointing-your-domain.mdx		 Added CAA records guidance explaining authorization requirements for ZeroSSL (sectigo.com) and Let's Encrypt (letsencrypt.org) during SSL certificate provisioning and renewal. Includes reference links and configuration examples for subdomain CAA setup.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 CAA records now explained with care,
Two CAs dancing through the air,
ZeroSSL and Let's Encrypt aligned,
SSL certificates finely designed,
Hopping through docs with digital flair! ✨

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and accurately summarizes the main change: adding CAA record documentation to custom domain guides.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@gitguardian
Copy link

gitguardian bot commented Feb 11, 2026
edited
Loading

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

Since your pull request originates from a forked repository, GitGuardian is not able to associate the secrets uncovered with secret incidents on your GitGuardian dashboard.
Skipping this check run and merging your pull request will create secret incidents on your GitGuardian dashboard.

🔎 Detected hardcoded secret in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
21029323 Triggered Generic High Entropy Secret 097990c scripts/generate-llms-txt-sections.js View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@tamalchowdhury
Copy link
Collaborator

tamalchowdhury commented Feb 11, 2026

Looks good.

@onderay onderay merged commit f9bac83 into kinde-oss:main Feb 13, 2026
5 checks passed
@coel coel deleted the leo/caa branch February 13, 2026 05:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@onderay onderay onderay approved these changes

Assignees

@coel coel

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@coel @tamalchowdhury @onderay