chiark / gitweb /
~mdw / zones / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use a public key for the main webserver's TLSA record.
[zones] / distorted.lisp
diff --git a/distorted.lisp b/distorted.lisp
index 0277696709823166ab9d8c68d5e0e2adb01ffa18..da001250408cb3ce691eaab7bdb2953670f499ef 100644 (file)
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -148,7 +148,7 @@ (defzone distorted.org.uk
   ((git www mail) (colo :svc stratocaster.colo :sshfp "stratocaster")
                  (jump :svc stratocaster.jump :sshfp "stratocaster"))
   ((www @) :tlsa (:https (:service-certificate-constraint
-                         :certificate :sha-256 #p"http-server-www#1")))
+                         :public-key :sha-256 #p"https-stratocaster")))
   ((git mail) :tlsa (:https #1=(:trust-anchor-assertion
                                :certificate :sha-256 #p"distorted-ca")))
   (www-cache :tlsa (3127 #1#))
Zone files for the DNS zones I administer