diff --git a/src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/reference/troubleshooting.mdx b/src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/reference/troubleshooting.mdx
index b1733cfdc90891f..0c96c5cd8b3d54d 100644
--- a/src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/reference/troubleshooting.mdx
+++ b/src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/reference/troubleshooting.mdx
@@ -66,11 +66,14 @@ You will need to ensure that the required CAA records for the selected Certifica
 For example, here are the records required to issue [Let's Encrypt](https://letsencrypt.org/docs/caa/) and [Google Trust Services](https://pki.goog/faq/#caa) certificates:
 
 ```
+example.com CAA 0 issue "pki.goog; cansignhttpexchanges=yes"
+example.com CAA 0 issuewild "pki.goog; cansignhttpexchanges=yes"
+
 example.com CAA 0 issue "letsencrypt.org"
 example.com CAA 0 issuewild "letsencrypt.org"
 
-example.com CAA 0 issue "pki.goog; cansignhttpexchanges=yes"
-example.com CAA 0 issuewild "pki.goog; cansignhttpexchanges=yes"
+example.com CAA 0 issue "ssl.com"
+example.com CAA 0 issuewild "ssl.com"
 ```
 
 More details can be found on the [CAA records FAQ](/ssl/edge-certificates/troubleshooting/caa-records/).
diff --git a/src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/troubleshooting.mdx b/src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/troubleshooting.mdx
index dda50fdb9ed58ba..e9fb440badc31ad 100644
--- a/src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/troubleshooting.mdx
+++ b/src/content/docs/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/issue-and-validate/validate-certificates/troubleshooting.mdx
@@ -26,8 +26,9 @@ CAA is a DNS resource record type defined in [RFC 6844](https://datatracker.ietf
 If your customer has CAA records set on their domain, they will either need to add the following or remove CAA entirely:
 
 ```txt
-example.com. IN CAA 0 issue "letsencrypt.org"
 example.com. IN CAA 0 issue "pki.goog"
+example.com. IN CAA 0 issue "letsencrypt.org"
+example.com. IN CAA 0 issue "ssl.com"
 ```
 
 While it is possible for CAA records to be set on the subdomain your customer wishes to use with your service, it will usually be set on the domain apex. If they have CAA records on the subdomain, those will also have to be removed.
diff --git a/src/content/docs/pages/configuration/debugging-pages.mdx b/src/content/docs/pages/configuration/debugging-pages.mdx
index 2a4f6609e3bbbb2..d5ecaec0fccd711 100644
--- a/src/content/docs/pages/configuration/debugging-pages.mdx
+++ b/src/content/docs/pages/configuration/debugging-pages.mdx
@@ -156,12 +156,12 @@ In the above example, there is only a single CAA record which is allowing Amazon
 To resolve this, you will need to add the following CAA records which allows all of the Certificate Authorities (CAs) Cloudflare uses to issue certificates:
 
 ```
-example.com.            300     IN      CAA     0 issue "comodoca.com"
 example.com.            300     IN      CAA     0 issue "letsencrypt.org"
 example.com.            300     IN      CAA     0 issue "pki.goog; cansignhttpexchanges=yes"
-example.com.            300     IN      CAA     0 issuewild "comodoca.com"
+example.com.            300     IN      CAA     0 issue "ssl.com"
 example.com.            300     IN      CAA     0 issuewild "letsencrypt.org"
 example.com.            300     IN      CAA     0 issuewild "pki.goog; cansignhttpexchanges=yes"
+example.com.            300     IN      CAA     0 issuewild "ssl.com"
 ```
 
 ### Zone holds