Letsencrypt & TLSA - automation
dgouttegattat at incenp.org
Sun Feb 19 21:17:14 CET 2017
On 02/19/2017 08:23 PM, Viktor Dukhovni wrote:
> Are you sure that base64 works in this context??? The presentation
> format for TLSA records is hex encoded.
Oups. I re-wrote the macro in my message from memory instead of pasting
it from my actual script, and of course I messed up.
(Coincidentally, I spent the last few hours writing an introduction to
HTTP Public-Key Pinning, which does use base64 encoding.)
My real macro is:
`m4_esyscmd(openssl x509 -in $1 -pubkey -noout | \
openssl rsa -pubin -outform DER | \
openssl dgst -sha256 | cut -d" " -f2)')
Sorry about that,
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the dane-users