StackExchange/dnscontrol
1
1
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2025-11-08 07:20:49 +08:00
Code Issues Projects Releases Packages Wiki Activity
dnscontrol/documentation/language-reference/domain-modifiers/SMIMEA.md
Jan von Aschwege 04a70d2fc8
FEAT: Add SMIMEA domain modifier 
Add support for the RRtype SMIMEA used for discovering S/MIME certificates.
Also enabled this type for the providers bind and desec.
2025-10-03 19:15:37 +02:00

1.1 KiB
Raw Blame History

name parameters parameter_types
SMIMEA
name
usage
selector
type
certificate
modifiers...
name usage selector type certificate modifiers...
string number number number string RecordModifier[]

SMIMEA adds a SMIMEA record to a domain. The name should be the hashed and stripped local part of the e-mail.

To create the name, you can the following command:

# For the e-mail bosun@bosun.org run:
echo -n "bosun" | sha256sum | awk '{print $1}' | cut -c1-56
# f10e7de079689f55c0cdd6782e4dd1448c84006962a4bd832e8eff73

Usage, selector, and type are ints.

Certificate is a hex string.

To create the string for the type 0, you can run this command with your S/MIME certificate:

openssl x509 -in smime-cert.pem -outform DER | xxd -p -c 10000

{% code title="dnsconfig.js" %}

D("example.com", REG_MY_PROVIDER, DnsProvider(DSP_MY_PROVIDER),
  // Create SMIMEA record for certificate for the name bosun
  SMIMEA("f10e7de079689f55c0cdd6782e4dd1448c84006962a4bd832e8eff73", 3, 0, 0, "30820353308202f8a003020102..."),
);

{% endcode %}