Making DANE / TLSA records.

 Quick reminder for myself on how to generate / update TLSA records.

~/local/src/swede/swede/swede create --output rfc --usage 1 -s 0 -m 1
No certificate specified on the commandline, attempting to retrieve it from the server
Attempting to get certificate from
M2Crypto does not support SNI: services using virtual-hosting will show the wrong certificate!
Got a certificate with Subject: /serialNumber=l/YjABq5T5eemHk7J4kqJviHIR11OOkx/OU=GT03082892/OU=See (c)13/OU=Domain Control Validated - RapidSSL(R)/CN=* IN TLSA 1 0 1 8d930a464843e08660e3fd1ddce8ed4269cc0cd9cd53a8a306bce8abcf47aef5


For the IETF one (tied to a CA)

~/local/src/swede/swede/swede create --output rfc --usage 0 -s 0 -m 1 -c ~/tmp/certs/starfield.crt