Paste your MX server's certificate (PEM format) and we'll output the standard DANE-EE / SPKI / SHA-256 (3 1 1) TLSA record. That's the recommended profile for SMTP DANE: it pins the certificate's public key (so the cert can be re-issued without breaking the record) and uses SHA-256 (universally supported). All work happens in your browser session; the cert never leaves the request body.
The three numbers are usage, selector, and matching type. 3 (DANE-EE) means "this hash is the leaf cert" — bypasses CA validation entirely. 1 (SPKI) hashes the SubjectPublicKeyInfo, which lets you re-issue the cert without changing the TLSA record as long as you keep the same key. 1 (SHA-256) is the universally-supported hash. Other profiles exist (e.g. 2 1 1 DANE-TA) but 3 1 1 is the most operationally friendly for SMTP.