Hats off to Jakob Schlyter for providing the perl script that generates a TLSA record from the certificate:
$ ../src/cert2rr.pl www.example.com 1 0 0 demoCA/cacert.pem
; Selected 755 bytes of data from demoCA/cacert.pem
; TLSA resource record:
;
www.example.com. IN TLSA 1 0 0 308202ef30820258a0030201020209009a0a7ecab015ea56300d06092a864886f70d01010505003059310b3009060355040613025553310b30090603550408130243413110300e060355040a130744414e45204341310f300d060355040b130645786a6f6262311a3018060355040313114d6174686961732053616d75656c736f6e301e170d3131313230393033303535385a170d3134313230383033303535385a3059310b3009060355040613025553310b30090603550408130243413110300e060355040a130744414e45204341310f300d060355040b130645786a6f6262311a3018060355040313114d6174686961732053616d75656c736f6e30819f300d06092a864886f70d010101050003818d0030818902818100d0e03624b35367095e40abc3485edf10b12e049bfcf384edccc945fca4cce3ac58132fedac355d7a327ccec9d4c473bb49e20822aa5e24b37ea1cf52206054bf43855f895de519b6f19496ad003d8fde9644dd143bc9ae7580e538ef0bd62bef682d2846c6b9c79194f337630ee7535f701c346682df5cd978b8fdce4bb5761f0203010001a381be3081bb301d0603551d0e0416041464e15937d9a5180d3c63fb73a250d4d7a012b49430818b0603551d23048183308180801464e15937d9a5180d3c63fb73a250d4d7a012b494a15da45b3059310b3009060355040613025553310b30090603550408130243413110300e060355040a130744414e45204341310f300d060355040b130645786a6f6262311a3018060355040313114d6174686961732053616d75656c736f6e8209009a0a7ecab015ea56300c0603551d13040530030101ff300d06092a864886f70d01010505000381810017c156226f07b10f6434be97cecf132726f0dfb54c6cb5fb15bd4ba181e185304d00a466528dc5b95e2091c4d52c9f921e7a52e3b9fd82a453f47e54bee10d3b0d7043fe85d0a6eba56628ff8afc11c42f5e8f8d0ed49f8d19019f5a22b98d6043c6bfc3d7ba047881b64ec72e2b108137e7a70cd9a78792eb792f5be3138c09
; Unknown resource record:
;
www.example.com. IN TYPE65534 \# 758 010000308202ef30820258a0030201020209009a0a7ecab015ea56300d06092a864886f70d01010505003059310b3009060355040613025553310b30090603550408130243413110300e060355040a130744414e45204341310f300d060355040b130645786a6f6262311a3018060355040313114d6174686961732053616d75656c736f6e301e170d3131313230393033303535385a170d3134313230383033303535385a3059310b3009060355040613025553310b30090603550408130243413110300e060355040a130744414e45204341310f300d060355040b130645786a6f6262311a3018060355040313114d6174686961732053616d75656c736f6e30819f300d06092a864886f70d010101050003818d0030818902818100d0e03624b35367095e40abc3485edf10b12e049bfcf384edccc945fca4cce3ac58132fedac355d7a327ccec9d4c473bb49e20822aa5e24b37ea1cf52206054bf43855f895de519b6f19496ad003d8fde9644dd143bc9ae7580e538ef0bd62bef682d2846c6b9c79194f337630ee7535f701c346682df5cd978b8fdce4bb5761f0203010001a381be3081bb301d0603551d0e0416041464e15937d9a5180d3c63fb73a250d4d7a012b49430818b0603551d23048183308180801464e15937d9a5180d3c63fb73a250d4d7a012b494a15da45b3059310b3009060355040613025553310b30090603550408130243413110300e060355040a130744414e45204341310f300d060355040b130645786a6f6262311a3018060355040313114d6174686961732053616d75656c736f6e8209009a0a7ecab015ea56300c0603551d13040530030101ff300d06092a864886f70d01010505000381810017c156226f07b10f6434be97cecf132726f0dfb54c6cb5fb15bd4ba181e185304d00a466528dc5b95e2091c4d52c9f921e7a52e3b9fd82a453f47e54bee10d3b0d7043fe85d0a6eba56628ff8afc11c42f5e8f8d0ed49f8d19019f5a22b98d6043c6bfc3d7ba047881b64ec72e2b108137e7a70cd9a78792eb792f5be3138c09
No comments:
Post a Comment