From 7bf377eed18e23656d03df59408a60807882f42e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C4=81nis=20=28Yannis=29?= <jb@masterpc.co.uk>
Date: Wed, 1 Nov 2017 00:01:47 +0200
Subject: [PATCH] use RSASHA256 for .lv domains DNSSEC (#1277)

---
 management/dns_update.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/management/dns_update.py b/management/dns_update.py
index aa0ee602..b5daef2d 100755
--- a/management/dns_update.py
+++ b/management/dns_update.py
@@ -528,12 +528,13 @@ zone:
 
 def dnssec_choose_algo(domain, env):
 	if '.' in domain and domain.rsplit('.')[-1] in \
-		("email", "guide", "fund", "be"):
+		("email", "guide", "fund", "be", "lv"):
 		# At GoDaddy, RSASHA256 is the only algorithm supported
 		# for .email and .guide.
 		# A variety of algorithms are supported for .fund. This
 		# is preferred.
 		# Gandi tells me that .be does not support RSASHA1-NSEC3-SHA1
+        # Nic.lv does not support RSASHA1-NSEC3-SHA1 for .lv tld's
 		return "RSASHA256"
 
 	# For any domain we were able to sign before, don't change the algorithm