Testsuite: regenerate OCSP proofs with proof-signer certs

[exim.git] / test / dnszones-src / db.example.com

diff --git a/test/dnszones-src/db.example.com b/test/dnszones-src/db.example.com
index 4997d4d7c5d9ac0ac6a6177743fb0787263dd9a0..749df4f21c45e0377e7bcef4babb0b18bd56af21 100644 (file)
--- a/test/dnszones-src/db.example.com
+++ b/test/dnszones-src/db.example.com
@@ -47,19 +47,21 @@ alternatename.server1 CNAME server1
 ; a broken dane config where the name does not match in the cert, TA-mode, dane-requested
 ; NOTE: the server uses the example.net cert hence the mismatch
 ;
+; TLSA_AUTOGEN
 ; openssl x509 -in aux-fixed/exim-ca/example.net/CA/CA.pem -fingerprint -sha256 -noout \
 ;  | awk -F= '{print $2}' | tr -d : | tr '[A-F]' '[a-f]'
 ;
 ;
 DNSSEC danebroken7  A       127.0.0.1
-DNSSEC _1225._tcp.danebroken7 TLSA 2 0 1 7b7f27746dafe59e5b419ee4c5ea97f04fcf100f65567d92b1b91f88cf199055
+DNSSEC _1225._tcp.danebroken7 TLSA 2 0 1 68932e8eed228ff72a53c832aed4db07cecb099fe8bdf48952237f20724a1ab4
 
 ; the same, EE-mode
 ;
+; TLSA_AUTOGEN
 ; openssl x509 -in aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.pem -noout -pubkey \
 ; | openssl pkey -pubin -outform DER | openssl dgst -sha256 | awk '{print $2}'
 ;
 DNSSEC danebroken8  A       127.0.0.1
-DNSSEC _1225._tcp.danebroken8 TLSA 3 1 1 403071b52f61ba0ab13013b68a97b08325ce8d5e13ba6b6b6f42c2da89ed1b21
+DNSSEC _1225._tcp.danebroken8 TLSA 3 1 1 61e0bb2042c975bc018a47b5961ac1ce8e84f162f2147e97f56736177bb8fc8e
 
 ; End