[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Contributing to GNUnet

From: Tanguy Le Carrour
Subject: Re: Contributing to GNUnet
Date: Fri, 13 Mar 2020 18:32:16 +0100

Hi GNUnet, Hi Christian,

Le 03/10, Tanguy Le Carrour a écrit :
> Le 03/09, Christian Grothoff a écrit :
> > 2) try adding a TLSA record for to GNS, thereby avoiding
> >    the use of Letsencrypt and really directly verifying via GNS.
> I'll try this and let you know, thanks!

So, I did my homework, used a generator [1][] and ended up with this:

``` IN TLSA 3 1 1 


So I now have:

$ gnunet-namestore -z myself -a -e "1 d" -p -t TLSA -n gnunet -V "3 1 1 
$ gnunet-gns --type ANY --lookup gnunet.myself
Got `TLSA' record: 3 1 1 
Got `LEHO' record:
Got `A' record:

I didn't know where to put the `_443._tcp` part. `gnunet-namestore` complained
about the name containing a `.`.

There's something in the doc [2][] about `_port._proto.`, but it's for
BOX records only.


Having done that, I still don't get much in the logs:

$ […]/lib/gnunet/libexec/gnunet-gns-proxy --log DEBUG
Mar 13 18:15:11-622297 gnunet-gns-proxy-3803 ERROR Download curl 
failed: SSL peer certificate or SSH remote key was not OK

Is my TLSA record correct? Is there something else I can try?



reply via email to

[Prev in Thread] Current Thread [Next in Thread]