[ldns-users] TLSA verification using ldns-dane
A. Schulze
sca at andreasschulze.de
Wed Jun 1 12:57:55 UTC 2016
Willem Toorop:
> You could collect the certificate with openssl s_client and then use
> ldns-dane to verify it.
>
> $ openssl s_client -connect nlnetlabs.nl:25 -starttls smtp | openssl
> x509 >nlnetlabs.nl.smtp.crt
> $ ldns-dane -c nlnetlabs.nl.smtp.crt verify nlnetlabs.nl 25
> OU=Domain Control Validated, CN=*.nlnetlabs.nl dane-validated successfully
Thanks, that's what I could use
Andreas
More information about the ldns-users
mailing list