mirror of
https://github.com/mjl-/mox.git
synced 2025-07-10 09:54:40 +03:00
when suggesting CAA records for a domain, suggest variants that bind to the account id and with validation methods used by mox
should prevent potential mitm attacks. especially when done close to the machine itself (where a http/tls challenge is intercepted to get a valid certificate), as seen on the internet last month.
This commit is contained in:
@ -96,6 +96,11 @@ describe-static" and "mox config describe-domains":
|
||||
# configuring port forwarding. (optional)
|
||||
Port: 0
|
||||
|
||||
# If set, used for suggested CAA DNS records, for restricting TLS certificate
|
||||
# issuance to a Certificate Authority. If empty and DirectyURL is for Let's
|
||||
# Encrypt, this value is set automatically to letsencrypt.org. (optional)
|
||||
IssuerDomainName:
|
||||
|
||||
# File containing hash of admin password, for authentication in the web admin
|
||||
# pages (if enabled). (optional)
|
||||
AdminPasswordFile:
|
||||
|
Reference in New Issue
Block a user