external
/
mailinabox
mirror of https://github.com/mail-in-a-box/mailinabox.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #661 from baltoche/master 

Gandi tells me that .be TLD only supports algorithms 8 and 10 for DNSSEC
This commit is contained in:
Joshua Tauberer 2016-01-05 11:10:21 -05:00
parent 5033042b8c 36e5772a8e
commit 5b135738b4
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
management/dns_update.py
View File

@ -502,11 +502,12 @@ zone:
def dnssec_choose_algo(domain, env):
if '.' in domain and domain.rsplit('.')[-1] in \
("email", "guide", "fund"):
("email", "guide", "fund", "be"):
# At GoDaddy, RSASHA256 is the only algorithm supported
# for .email and .guide.
# A variety of algorithms are supported for .fund. This
# is preferred.
# Gandi tells me that .be does not support RSASHA1-NSEC3-SHA1
return "RSASHA256"
# For any domain we were able to sign before, don't change the algorithm