Ahoj,
Dňa Thu, 16 Nov 2023 15:12:15 -0500 Viktor Dukhovni via Exim-users
napísal:
> I don't recommend DANE-TA(2), and encourage use of DANE-EE(3) instead.
I am far from DANE expert, but my understanding is, that DANE-TA is
good for own CAs, where one have full control on (intermediate) CA's
cer
Thank you very much for your help, I now have a working test setup :)
On 16/11/2023 11:41, Jeremy Harris via Exim-users wrote:
On 15/11/2023 20:32, Martin Lambers via Exim-users wrote:
In particular, I have trouble understanding the purpose and usage of
the 'server_password' option with GSASL.
On Sun, Nov 19, 2023 at 01:30:29PM +0100, Slavko via Exim-users wrote:
> > I don't recommend DANE-TA(2), and encourage use of DANE-EE(3) instead.
>
> I am far from DANE expert, but my understanding is, that DANE-TA is
> good for own CAs, where one have full control on (intermediate) CA's
> certs
Dňa 19. novembra 2023 19:33:12 UTC používateľ Viktor Dukhovni via Exim-users
napísal:
>It is possible for the path unit to fail to run, but the ACME client
>believes it is done. Does systemd's path unit guarantee "at least once"
>execution.
ACME client doesn't need (nor is) to know about that.
On Sun, Nov 19, 2023 at 09:33:37PM +, Slavko via Exim-users wrote:
> > * Staging a future key, that the ACME client will conditionally
> >switch to, once the TLSA record is live.
>
> Do you mean opposite of usual certbot logic: first generate key, then
> setup TLSA for it, and after that
