Setting up Dane again from start
Carsten Strotmann (sys4)
cs at sys4.de
Wed Feb 11 12:34:04 CET 2015
Frank Fiene wrote:
> 3.) Our DNS provider has added this to the domain and has signed it again (no idea why there is a blank!).
> _*._tcp.mail.veka.com. 3600 IN TLSA 3 0 1 04459A87D803EE5D2450114C09E8370DC51B27716431378CFA5560E1 53AED957
this is an incorrect use of an DNS wildcard.
The asterisk must be the leftmost character in the domain name, an
asterisk inside a domain name is just that, an asterisk. The TLSA record
above does not match port 25.
*._tcp.mail.veka.com. 3600 IN TLSA
would be valid, it would match all ports on the machine mail.veka.com,
but I'm not sure if that is useful.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 883 bytes
Desc: OpenPGP digital signature
More information about the dane-users