I have a CCA record named @ on domains.google.com that has 0 issue "letsencrypt.org" in it. I can’t remember when or why I put it there. I’m trying to rely less on Google’s DNS features where I bought my FQDN and more on Virtualmin. I stuck a glue record in at Google which points to my Virtualmin nameserver for the domain. Since I’m a hack admin, I don’t really know the ramifications of the things I do till something goes horribly wrong.
What’s that CCA record doing for me? Is it necessary or just useful? Is there a way to put the entry into BUND DNS using the Virtualmin interface? Since I use the Virtualmin system to make the domain keys anyway, wouldn’t Virtualmin already do any important DNS entries on its own?
As an admin, if providing uptime is a priority then you must avoid single points of failure and Virtualmin puts all eggs in one basket, so pointing your domain to the DNS server on Virtualmin will cause domains to stop resolving and make things harder for you to troubleshoot when Virtualmin fails, as compared to using the domain registrar’s free / complimentary DNS service or a third party DNS service which charges monthly fees but offers solid uptime and speedy name resolution.
However, using the DNS server on the Virtualmin box has the advantage of automation and ease of management of different services through a unified interface for you and your clients.
If Google has set up glue records for your domain to point to name servers managed by Virtualmin then you are good to go. Any DNS record that you apply to Virtualmin’s DNS server will apply to the domain.
Hosting your own DNS is a good thing and indeed provides handful of advantages.
I have a CCA record named @ on domains.google.com that has 0 issue "letsencrypt.org" in it. I can’t remember when or why I put it there.
"CAA is a type of DNS record that allows site owners to specify which Certificate Authorities (CAs) are allowed to issue certificates containing their domain names. "
to that