This package contains a class that can generate TLSA resource records.

$tlsa = new Stayallive\TLSA\Builder('alexbouma.me');
$tlsa->forCertificate($pemEncodedCertificate);
$tlsa->getRecord(); // returns the full DNS record
$tlsa->getRecordContents(); // returns the DNS record contents only

You can install the package via composer:

composer require stayallive/tlsa

The class can generate a TLSA resource record for all certificate usages, selectors and matching types.
For more information check out the Wikipedia entry: https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities#RR_data_fields
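
To make the three fields concrete, the following added example (not part of this package and independent of its Builder class) computes the record data defined in RFC 6698 using only PHP's OpenSSL extension. The function names `pemToDer` and `tlsaRdata`, the host `mail.example.test` and the throwaway certificate are assumptions made for illustration.

```php
<?php
// Added example (not part of stayallive/tlsa): TLSA record data per RFC 6698 via ext-openssl. PHP 8.0+.

/** Decode the first PEM block in $pem to raw DER bytes. */
function pemToDer(string $pem): string
{
    if (!preg_match('/-----BEGIN ([A-Z0-9 ]+)-----(.+?)-----END \1-----/s', $pem, $m)) {
        throw new InvalidArgumentException('No PEM block found');
    }
    $der = base64_decode(preg_replace('/\s+/', '', $m[2]), true);
    if ($der === false) {
        throw new InvalidArgumentException('PEM body is not valid base64');
    }
    return $der;
}

/** Return "usage selector matching-type data" for a PEM-encoded certificate. */
function tlsaRdata(string $certPem, int $usage = 3, int $selector = 1, int $mtype = 1): string
{
    if ($usage < 0 || $usage > 3) {
        throw new InvalidArgumentException('Certificate usage must be 0-3');
    }
    $x509 = openssl_x509_read($certPem);
    if ($x509 === false) {
        throw new InvalidArgumentException('Not a readable X.509 certificate');
    }
    openssl_x509_export($x509, $certOnly); // normalised PEM holding just this certificate
    $der = match ($selector) {
        0 => pemToDer($certOnly), // full certificate
        1 => pemToDer(openssl_pkey_get_details(openssl_pkey_get_public($x509))['key']), // SubjectPublicKeyInfo
        default => throw new InvalidArgumentException('Selector must be 0 or 1'),
    };
    $data = match ($mtype) {
        0 => bin2hex($der),        // exact match: the selected bytes themselves, unhashed
        1 => hash('sha256', $der),
        2 => hash('sha512', $der),
        default => throw new InvalidArgumentException('Matching type must be 0, 1 or 2'),
    };
    return sprintf('%d %d %d %s', $usage, $selector, $mtype, $data);
}

// Constructed sample input: a throwaway self-signed certificate generated at run time.
$priv = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_EC, 'curve_name' => 'prime256v1']);
$csr = openssl_csr_new(['commonName' => 'mail.example.test'], $priv, ['digest_alg' => 'sha256']);
openssl_x509_export(openssl_csr_sign($csr, null, $priv, 1, ['digest_alg' => 'sha256']), $pem);
foreach ([[3, 1, 1], [3, 0, 1], [3, 1, 2]] as [$u, $s, $m]) {
    echo '_25._tcp.mail.example.test. IN TLSA ', tlsaRdata($pem, $u, $s, $m), PHP_EOL;
}
```

Selector `1` hashes only the SubjectPublicKeyInfo, so the record stays valid across certificate renewals that reuse the key, whereas selector `0` changes with every reissued certificate.
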
use Stayallive\TLSA;
$tlsa = new TLSA\Builder('alexbouma.me', 25, 'udp'); // Builder for the alexbouma.me domain, port 25 and the UDP protocol
$tlsa->forCertificate($pemEncodedCertificate);
$tlsa->forPublicKey($pemEncodedPublicKey);
$tlsa->certificateUsage(TLSA\Builder::CERTIFICATE_USAGE_DOMAIN_ISSUED_CERTIFICATE); // Set the certificate usage to `3` (default)
$tlsa->selector(TLSA\Builder::SELECTOR_PUBLIC_KEY); // Set the selector to `1` (default)
$tlsa->matchingType(TLSA\Builder::MATCHING_TYPE_SHA256); // Set the matching type to `1` (default)
$tlsa->getRecord(); // returns the full DNS record
$tlsa->getRecordContents(); // returns the DNS record contents

composer test

Please see CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING for details.
If you discover any security related issues, please email me@alexbouma.me instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.