In message <1db356bf-50cf-4b99-b996-27a1a0984...@nau.edu>, Mathew Ian Eis write
s:
> Isnt auto-dnssec maintain; (which we have enabled) supposed to
> effectively do the same thing as rndc sign zone?
auto-dnssec maintain assumes a sane clock.
"rndc sign zone" forces the zone to be fully re-signed
Isn’t auto-dnssec maintain; (which we have enabled) supposed to effectively do
the same thing as rndc sign zone?
Mathew Eis
Northern Arizona University
Information Technology Services
-Original Message-
From: Mark Andrews
Date: Thursday, February 25, 2016 at 5:14 PM
To: Mathew Eis
"rndc sign zone [class [view]]" should do it.
In message , Mathew Ian Eis write
s:
> Hi BIND,
>
> Anyone know if there is a good way to force named to resign a single host
> record? (e.g. without generating new ZSKs, etc.?)
>
> An ntp glitch recently caused our master nameserver to jump m
Hi BIND,
Anyone know if there is a good way to force named to resign a single host
record? (e.g. without generating new ZSKs, etc.?)
An ntp glitch recently caused our master nameserver to jump many hours into the
future, whereupon it began issuing invalid (to the world) RRSIGs with an
inceptio
4 matches
Mail list logo
