Hi, Please consider writing one email with feedback on multiple sections, thanks.
On 12/22/2017 01:43 PM, Torge Riedel wrote: > The guide is working for me, Will be added too. > I am using the following settings with success from the Thomas' guide: > > smtp_tls_security_level = dane > smtp_dns_support_level = dnssec Yes, we are missing DNSSEC and DANE in the guide currently. See for example: https://github.com/BetterCrypto/Applied-Crypto-Hardening/pull/69 On 12/22/2017 01:50 PM, Torge Riedel wrote: > The guide is working for me. Thanks > But I'm not sure whether it should be > > ssl=1 The docs do not mention it at all: https://dev.mysql.com/doc/refman/5.7/en/using-encrypted-connections.html Is it necessary? Here is an indicator it might be necessary: https://www.thomas-krenn.com/de/wiki/MySQL_Verbindungen_mit_SSL_verschl%C3%BCsseln > And - this is maybe out-of-scope - if you want to use Let's Encrypt > certs for MySQL, do the following: The usage of letsencrypt, and other approaches, is out of scope, yes. The guide is CA-agnostic. Sebastian -- python programming - mail server - photo - video - https://sebix.at cryptographic key at https://sebix.at/DC9B463B.asc and on public keyservers
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Ach mailing list [email protected] https://lists.cert.at/cgi-bin/mailman/listinfo/ach
