I'm not sure what you mean by Linux servers need SRV records. SRV is
not a Linux thing, and Linux doesn't need them.
It could be that whatever application you are using needs SRV records, though.
My use case is for HTTPS (really for my own personal use) and SMTP,
and my hook script to install and remove TLSA records works perfectly,
and no SRV records are used.
Quoting john <[email protected]>:
I have been working on a renew-hook for letsencrypt/certbot.
The idea was that it would generate new TLSA records when the
certificates were updated, automatically install them and
automatically remove the old ones after a suitable delay.
While I was putting it together I made some assumptions about the
environment that TLSA records would be found in, in particular the
DNS configuration. It seems I am probably wrong.
Is an automatic TLSA update system worth doing? Are the
prerequisites that I think might make it work too onerous? E.g.
Linux servers, need SRV records in order to determine the port and
host for each TLSA record.
John A
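
The rollover both messages describe (publish a TLSA record for the renewed certificate, remove the old one after a delay), sketched as an added example that is not code from either poster. The "3 0 1" parameters, the two-TTL removal delay, all function names and the constructed certificate bytes are assumptions; the host and port are passed in directly, so no SRV lookup is involved.

```python
import base64
import hashlib
import re

def fake_pem(der: bytes) -> str:
    """Constructed stand-in for a PEM certificate (arbitrary bytes, not real X.509)."""
    body = base64.b64encode(der).decode()
    return f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"

def tlsa_rdata(pem: str) -> str:
    """Assumed parameters 3 0 1: DANE-EE, full certificate, SHA-256 of the DER."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", pem, re.S)
    if m is None:
        raise ValueError("no PEM certificate block found")
    der = base64.b64decode("".join(m.group(1).split()), validate=True)
    return "3 0 1 " + hashlib.sha256(der).hexdigest()

def owner_name(host: str, port: int, proto: str = "tcp") -> str:
    """TLSA owner name, built from a host and port the hook is configured with."""
    return f"_{port}._{proto}.{host.rstrip('.')}."

def renew(state: dict, new_pem: str, now: int, ttl: int) -> list:
    """state maps RDATA -> removal time (None = current certificate).
    Schedules older records for removal and returns the records to add."""
    new = tlsa_rdata(new_pem)
    for rdata, removal in state.items():
        if rdata != new and removal is None:
            state[rdata] = now + 2 * ttl  # assumed delay: two TTLs
    already = new in state
    state[new] = None
    return [] if already else [new]

def prune(state: dict, now: int) -> list:
    """Drop records whose removal time has passed and return them for deletion."""
    due = [r for r, t in state.items() if t is not None and t <= now]
    for r in due:
        del state[r]
    return due

if __name__ == "__main__":
    state = {}
    name = owner_name("mail.example.com", 25)  # constructed host and port
    for when, der in ((0, b"constructed-cert-1"), (100, b"constructed-cert-2")):
        for rdata in renew(state, fake_pem(der), now=when, ttl=3600):
            print("add   ", name, "IN TLSA", rdata)
    for rdata in prune(state, now=100 + 2 * 3600):
        print("delete", name, "IN TLSA", rdata)
```
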