1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-11-25 02:47:04 +00:00

use RSASHA256 for .lv domains DNSSEC (#1277)

This commit is contained in:
Jānis (Yannis) 2017-11-01 00:01:47 +02:00 committed by Joshua Tauberer
parent cd554cf480
commit 7bf377eed1

View File

@ -528,12 +528,13 @@ zone:
def dnssec_choose_algo(domain, env): def dnssec_choose_algo(domain, env):
if '.' in domain and domain.rsplit('.')[-1] in \ if '.' in domain and domain.rsplit('.')[-1] in \
("email", "guide", "fund", "be"): ("email", "guide", "fund", "be", "lv"):
# At GoDaddy, RSASHA256 is the only algorithm supported # At GoDaddy, RSASHA256 is the only algorithm supported
# for .email and .guide. # for .email and .guide.
# A variety of algorithms are supported for .fund. This # A variety of algorithms are supported for .fund. This
# is preferred. # is preferred.
# Gandi tells me that .be does not support RSASHA1-NSEC3-SHA1 # Gandi tells me that .be does not support RSASHA1-NSEC3-SHA1
# Nic.lv does not support RSASHA1-NSEC3-SHA1 for .lv tld's
return "RSASHA256" return "RSASHA256"
# For any domain we were able to sign before, don't change the algorithm # For any domain we were able to sign before, don't change the algorithm