Dears ,

                Hope you are doing well , I tried to deploy DANE at my testing environment and do the following :-

1)      Create self-signed certificate “IDN domain name”.

2)      Get the TLSA hash from self-signed certificate file.

3)      Add the TLSA record to zone file.

And when I try to execute dig @8.8.8.8 _443._tcp.xn----ymcadjpj1at5o.xn--wgbh1c +dnssec TLSA , I got the TLSA record that

Is identical to the hash from crt file.

The TLSA validator said that :-

 

 

, any advice !!!

 

Thnx

 

All the Best,

Abdalmonem Tharwat Galila

Deputy Manager, Dot Masr Registry,

Operation Sector.

 

 

National Telecommunication Regulatory Authority

   Office Tel.: +2 02 35341582 - +2 02 35341300

    Mobile: +2 010 0049068

   Fax :       +2 02 35370537

  Website: http:\\www.mcit.gov.eg

                     : http:\\www.tra.gov.eg

   E-mail     :agalila@mcit.gov.eg

                      :atharwat@tra.gov.eg

 

DISCLAIMER

          This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or  entity to which they are addressed. If you have received this email in error please notify your system support manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the National Telecom Regulatory Authority (NTRA) .  Finally, the recipient should check this email and any attachments for the presence of viruses. The NTRA accepts no liability for any damage caused by any virus transmitted by this email.