What is a CERT record?

The CERT record provides a space in the DNS for certificates and related certificate revocation lists (CRLs). These certificates verify the authenticity of the sending and receiving parties. The CRLs identify the certificates that are no longer valid. To create a CERT record, you must specify the certificate type, the key tag, the algorithm, and then the certificate, which is either the certificate itself, the CRL, a URL of the certificate, or fingerprint and a URL.

The CERT record has the following look in your DNS zone management page:

Host Type Points to: TTL
www.domain.com CERT 2 77 2 TUlJQ1l6Q0NBY3lnQXdJQkFnSUJBREFOQmdrcWh 1 Hour

How to create a DNS CERT record?

Log in to your ClouDNS account, enter your DNS zone management page, and click on the Add new record button. For Type choose "CERT" and type as follow:

  • Type: CERT
  • TTL: 1 hour
  • Host: www
  • Type: Type of the Certificate/CRL.
  • Key Tag: A numeric value (0-65535), used the efficiently pick a CERT record.
  • Algorithm: Identifies the algorithm, used to produce a legitimate signature.
  • Points to: Base 64 encoded string.

*This hostname is used as an example.

How to start managing CERT records for your domain name?

  1. Create a free account from, here - free forever
  2. Verify your e-mail address
  3. Log into your control panel
  4. Create a new Master DNS from the [add new] button - check a tutorial, here
  5. Add the CERT records you need, as it is described in this article.

Support of CERT records

ClouDNS provides full support for CERT records for all our DNS services, including the listed below. Just write to our technical support, if you need any assistance with your CERT records configuration. Our Technical Support team is online for you 24/7 via live chat and tickets.


Last modified: 2021-08-03
Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more