[Yeti DNS Discuss] A public Yeti DNS resolver (but with TLS)
bortzmeyer at nic.fr
Sun Jun 25 15:18:48 UTC 2017
On Thu, Jan 05, 2017 at 09:32:04AM +1100,
Geoff Huston <gih at apnic.net> wrote
a message of 30 lines which said:
> You should be aware that certbot renew will generate a new private
> key when it renew your certificate.
> If you are using DANE [or pinned keys, S.B.] this has some
> implications about the TLSA record and you will need some local
> scripting to essentially perform a key roll.
I switched to 'certbot certonly' instead of 'certbot renew' and it
seems I can keep my key (but it requires more setup). We'll see how it
More information about the discuss