TLSA Validation Failed

Andreas Schulze andreas.schulze at
Tue Jul 14 10:49:12 CEST 2015

Am 14.07.2015 um 10:37 schrieb Abdelmeniem Tharwat:
> 	You are right , but kindly advice how can I get the TLSA record ? I used 
> openssl x509 -in xn----ymcadjpj1at5o.xn--wgbh1c.registry.crt -outform DER | openssl sha256
> (stdin)= 1a70df05ac43318ab35a16542a8736d077ace3126fafe00508edd7484f293c6c

I use ldns from

ldns-dane -c /path/to/cert.pem create $(FQDN) $(PORT) 3 1 1

A. Schulze DATEV eG

More information about the dane-users mailing list