| SQ(1) | User Commands | SQ(1) |
NAME¶
sq network dane generate - Generate DANE records for the given domain and certs
SYNOPSIS¶
sq network dane generate [OPTIONS] FQDN CERT-RING
DESCRIPTION¶
Generate DANE records for the given domain and certs.
The certificates are minimized, and one record per email address is emitted. If multiple user IDs map to one email address, then all matching user IDs are included in the emitted certificates.
By default, OPENPGPKEY resource records are emitted. If your DNS server doesn't understand those, use `--generic` to emit generic records instead.
OPTIONS¶
Subcommand options¶
- --generic
- Emit generic resource records [default: OPENPGPKEY records]
- --size-limit=BYTES
- Try to shrink the certificates to this size
- [default: 12288]
- --skip
- Skip expired certificates and those that do not have User IDs for given domain.
- --ttl=DURATION
- Set the TTL (maximum cache duration) of the resource records
- [default: 10800]
-
FQDN - Generate DANE records for this domain name
-
CERT-RING - Emit records for certificates from CERT-RING (or stdin if omitted)
- [default: -]
Global options¶
See sq(1) for a description of the global options.
EXAMPLES¶
Generate DANE records from juliet.pgp for example.org.
sq network dane generate example.org juliet.pgp
SEE ALSO¶
sq(1), sq-network(1), sq-network-dane(1).
For the full documentation see <https://book.sequoia-pgp.org>.
VERSION¶
0.38.0 (sequoia-openpgp 1.21.2)
| 0.38.0 | Sequoia PGP |