My postfix has two certificates/keys (RSA and ECDSA) from Let’s encrypt.
It says in the article:
mx.example. IN TLSA 3 1 1 <digest of server public key>
mx.example. IN TLSA 2 1 1 <digest of immediate issuer public key>
* The „3 1 1” record protects against „expiration” accidents, and
unexpected changes in the issuer’s public key (if new certificate chain
deployment is automated).
* The „2 1 1” record protects against key rotation errors should a new
server private key be deployed without updating the TLSA RRs. Provided
the new certificate is issued by the same CA is unexpired,… the „2 1 1”
record will match.
1. Can I have two „3 1 1” records for RSA and ECDSA?
2. Is „digest of immediate issuer public key” the CA from Let’s encrypt
Or the „Digital Signature Trust” CA?
Would be nice if someone could help me.
| If your life was a horse, you'd have to shoot it. |
> My questions:
> 1. Can I have two „3 1 1” records for RSA and ECDSA?
Yes. And you can also publish dual (current plus next) "3 1 1" RRs for
each algorithm and avoid trusting a 3rd-party CA, with generally weak
domain control validation processes. Which works best for you depends
on what sort of process you feel comfortable implementing.
Whatever you do, implement monitoring first. Unmonitored security is
(or should be) an oxymoron. Then when your monitoring is working and
tested, implement (automate) your preferred key/cert management
approach. The simplest is to just keep using the same key indefinitely,
until you carefully manually replace it some day (3 1 1 + 3 1 1 at that
# certbot renew --reuse-key
> 2. Is „digest of immediate issuer public key” the CA from Let’s encrypt
> Or the „Digital Signature Trust” CA?
The Let's Encrypt one. Most users don't including the root CA in their
server's chain file, and that would be required for "2 1 1" to work for
the root CA (the complete Let's encrypt chain is just leaf + LE + root).