Check a DANE TLS Service

This application checks a DANE TLS Service. It connects to the specified TLS service and then attempts to authenticate its TLS server certificate according to its corresponding DANE TLSA records in the DNS.

Port: 443
Domain name: www.n2diving.net

Checking Transcript:

Host: www.n2diving.net Port: 443
SNI: www.n2diving.net
No DANE TLSA records found.

Check another DANE service?

Other DANE Tools

• Check a DANE TLS SMTP Service
• Generate a DNS TLSA record
• Generate a DNS OPENPGPKEY record
• DANE TLS Test Sites

References

• RFC 6698: DANE and TLSA record specification, August 2012
• RFC 7671: DANE Protocol: Updates and Operational Guidance
• RFC 7672: SMTP Security via opportunistic DANE TLS
• Unknown Key-Share Attacks on DANE
• DNSSEC and Certificates; October 19 2012
• How DANE Strengthens Security for TLS, S/MIME, and Other Applications; November 2015
• Whither DANE? -- APNIC Blog; July 05 2019
• Shumon Huque's website