Some would think that having a trusted certificate for your services such as web and email servers is enough, but some might wish to add an extra layer of security by publishing the hash of that in the DNS through a TLSA record and signed with DNSSEC. We already enabled Let’s Encrypt certificates for various web servers in the Go6lab, but this … Continue reading Let’s Encrypt certificates for mail servers and DANE – Part 1 of 2