On 29 Dec 2016, at 21:56, Patrick Domack <[email protected]> wrote: > > Quoting Michael Grimm <[email protected]>:
>> But until that time, I will avoid human intervention into a process where >> two autorotation tools go for "incompatible" tasks :-) Or is there one >> single tool dealing with DNSSEC, TLSA rotation, and LE upgrades on the >> market? > > You just add it as part of your certificate update script. > > Just like you would have it bind a call to update like apache for certificate > pinning, you have it call nsupdate to add the new tlsa record into your dns > server. Well, that sound much better than assumed. But I will test it in a test jail, first. Thank you, again, and with kind regards, Michael
