Donate
‹ Back
Domain Name System Security Extensions (DNSSEC) 4 October 2012

DANE Test Sites

The following sites support the DANE protocol by publishing TLSA records. If you are developing software that supports the DANE protocol, you can visit these sites to test your DANE support.  Note that we use the term “TLS certificate” here for what is commonly referred to as a “SSL certificate”.

Test sites updated on 30 October 2017.  Thanks to Stephane Bortzmeyer for his testing.

Sites that provide tests for DANE records

HTTP – Valid TLSA Record With Valid CA-signed TLS Certificate

SMTP

The following sites support using DANE for email by publishing TLSA records associated with MX records:

  • ietf.org
  • openssl.org
  • jhcloos.com
  • nlnetlabs.nl (for ports 25, 465, 587)
  • nlnet.nl (for ports 25, 465, 587)
  • spodhuis.org
  • denic.de

XMPP / Jabber

The following sites support using DANE for TLS connections to their XMPP/Jabber server:

Adding More Sites

If you support DANE with your site and would like to add it to this list, please contact us. Eventually, of course, we would like to hope that DANE is so widely deployed that this list of test sites will no longer be needed.

‹ Back

Related articles

The DANE Protocol - DNS-Based Authentication of Named Entities
Domain Name System Security Extensions (DNSSEC)4 October 2012

The DANE Protocol – DNS-Based Authentication of Named Entities

If you connect to a website using a "secure" connection over TLS/SSL, how do you know you are using the correct...

Hash-slinger - a tool for creating TLSA records for the DANE protocol
Domain Name System Security Extensions (DNSSEC)30 November 2012

Hash-slinger – a tool for creating TLSA records for the DANE protocol

Hash-slinger is a package of tools created by Paul Wouters of RedHat to make it easy to create records for ...

State of DNSSEC Deployment 2016
State of DNSSEC Deployment 2016
Domain Name System (DNS)31 December 2016

State of DNSSEC Deployment 2016

This report provides a snapshot of the state of deployment of DNSSEC as of the end of 2016. Please download the...

Join the conversation with Internet Society members around the world