How add TLSA RR in Windows server 2016 DNS zone

Question

I am going to implement DANE protocol on Windows server 2016. I configured DNS and Active directories. Now I want to generate self signed certificate for my domain and Generate TLSA record. and I want to add TLSA record in DNS.

Mark Gilbert · Answer 1 · 2019-02-06T16:05:16.130

0

This may help:

Add-DnsServerResourceRecord -TLSA -CertificateAssociationData "digest" -CertificateUsage DomainIssuedCertificate -MatchingType Sha256Hash -Selector FullCertificate -ZoneName mydomain.com -name _443._tcp.example.mydomain.com

Also note: https://support.microsoft.com/en-sg/help/4489468/windows-server-domain-name-system-dns-flag-day-compliance

edited Feb 06 '19 at 16:05

answered Feb 06 '19 at 06:09

Mark Gilbert

1
2

How add TLSA RR in Windows server 2016 DNS zone

1 Answers1