Home | History | Annotate | Download | only in conf

Lines Matching refs:TLSA

46 #	display commands to output a corresponding CSR or TLSA
84 #	update the DNS with new DANE TLSA records, then wait for
98 #	publishing DANE TLSA "3 1 1" or "3 1 2" records, there is
136 # .IP "\fBoutput-server-tlsa\fR [\fB-h \fIhostname\fR] [\fIkeyfile\fB...\fR]"
137 #	Write to stdout a DANE TLSA RRset suitable for a port 25
148 #	value is empty or equal to \fBnone\fR, then no TLSA record
584 	If you publish DANE TLSA records, see:
588 	  https://community.letsencrypt.org/t/please-avoid-3-0-1-and-3-0-2-dane-tlsa-records-with-le-certificates/7022
629 	# Otherwise, just the new keys, so that TLSA records can be updated
633 	To generate TLSA records run:
634 	  # postfix tls output-server-tlsa [-h <hostname>] $2
640 	# If already deployed, too late to wait, otherwise advise updating TLSA
644 	(If you have DANE TLSA RRs, update them as soon as possible to match
894     echo "_25._tcp.$hostname. IN TLSA 3 1 1 $data"
1089 output-server-tlsa)
1103 	# TLSA RRs, as many keyfiles as the user wants.  By default the live
1150 	$FATAL "usage: postfix tls enable-client (or enable-server, new-server-key, new-server-cert, deploy-server-cert, output-server-csr, output-server-tlsa, all-default-client, all-default-server)"