14 Jul
2015
14 Jul
'15
11:27 a.m.
If Viktor speaks about TLSA/DANE - you should probably believe him.... :-)
The way I create the TLSA 3 0 1 from a WEB certificate is:
cat cert.crt | openssl x509 -outform DER | openssl sha256
ie - the input is the ".crt" file.....
For reference purposes... For email - you need a TLSA 311 Certificate.
cat cert.crt | openssl x509 -noout -pubkey | openssl pkey -pubin -outform DER | openssl sha256
(all one line)
--
Mark James ELKINS - Posix Systems - (South) Africa
mje@posix.co.za Tel: +27.128070590 Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za