u/ExcitementSea5526 — reddlx

Hello,

I'm new to Technitium, started with version 14.3 a couple of days ago and updated to version 15.0.1.

The primary server is up and is serving as a DNS-Server to my homelab.

I was able to setup a cluster.

I'm updating my SSL certificates every day and everytime when a service starts.

The Technitium nodes are updating their certificate. And I can connect to the nodes.

But when I'm trying to connect to the second node from the primary node I got the following error:

>Error! The SSL connection could not be established since the TLS certificate failed DANE validation: no matching TLSA record was found, or the certificate had one or more issues [None]. (srv-dns2.dns.my.domain.tld:53443)

As far as I understand authentication is based on DANE-EE and there are TLSA records containing the fingerprint of the SSL certificate of each node.
And indeed the current fingerprint is not what's stored in the TLSA records.

In the comment I was told not to update or modify the entry. Anyway I tried to enter the new fingerprint.
Unfortunately that doesn't solve the problem

May I ask for some help to overcome that situation?
Until now google and some artificial colleagues weren't that much helpful.
Maybe someone can point me into the right direction?

Any help is really appriciated.

BR SMF

System: Technitium 15.0.1 on a rootful Podman container with Macvlan network; 2x Raspi 4b, Trixie 13.4, 2 respectivly 4GB RAM, Podman 5.4.2