TLSA / DANE support in DNS Management

Client asked to add TLSA support to his server. Following https://www.directadmin.com/features.php?id=1869 it seems pretty straightforward.

Add support for TLSA dns records. Will require both skin and template changes.
So, I've added |TLSA| to the bottom of /usr/local/directadmin/data/templates/named.db, but

Same idea from SPF, copied to TLSA.
admin/dns_admin_control.html
user/dns_control.html
I have no clue wat to do in admin/dns_admin_control.html, and I don't have user/dns_control.html, on any server.
 
Client asked to add TLSA support to his server. Following https://www.directadmin.com/features.php?id=1869 it seems pretty straightforward.


So, I've added |TLSA| to the bottom of /usr/local/directadmin/data/templates/named.db, but


I have no clue wat to do in admin/dns_admin_control.html, and I don't have user/dns_control.html, on any server.

Did you add dns_tlsa=1 in the directadmin.conf? Which DirectAdmin version do you run? do you use the default skin?
 
Did you add dns_tlsa=1 in the directadmin.conf? Which DirectAdmin version do you run? do you use the default skin?

Yes I have added that line to directadmin.conf. It's the latest version of DA and it's the default (enhanced) skin.
 
This is very nice to have but each time your lets encrypt updates its cert you have to change the key/dns entry. also on your own domain DNS. so that is still a lot of work and you need to set the alarm for that. Because the certs get auto renieuwd. it might be able to edit the records in directadmin dns but there is still your own dns where the domain is hosted.
 
Back
Top