keys and inline signing

2016-08-23 Thread Andreas Meyer
Hello! Do I need to create keys first when I create a new zone and use inline signing or is key creation done by named? Regards Andreas

Re: DNSKEY and RRSIG DNSKEY TTL values aren't changed after changing of zone's TTL

2016-08-23 Thread Andreas Meyer
Tony Finch wrote on 23.08.16 at 10:45:15: > Aleks Ostapenko wrote: > > > As for second variant - unfortunately I don't know how to edit manually TTL > > in the signed (not raw) master file. > > (1) Use `rndc freeze` which makes `named` rewrite the zone file with all > pending changes f

Re: a question about the serial

2016-08-22 Thread Andreas Meyer
Andreas Meyer wrote on 23.08.16 at 00:18:02: > > After reloading or stopping and starting the serial is not changed > > and shows a value serial 2016080310. > > > > Why is the serial not updated? > > I found out that the signed zone is not updated with

Re: a question about the serial

2016-08-22 Thread Andreas Meyer
Andreas Meyer wrote on 22.08.16 at 23:57:20: > Hello! > > In a zone I set up > > update-policy local; > auto-dnssec maintain; > inline-signing yes; > > After reloading or stopping and starting the serial is not changed > and shows a value serial 20160803

a question about the serial

2016-08-22 Thread Andreas Meyer
Hello! In a zone I set up update-policy local; auto-dnssec maintain; inline-signing yes; After reloading or stopping and starting the serial is not changed and shows a value serial 2016080310. Why is the serial not updated? Regards Andreas

resigning of zones

2016-08-05 Thread Andreas Meyer
Hello! After what amount of time is a zone resigned by named when it was edited? Regards Andreas

a question about denied queries

2016-08-04 Thread Andreas Meyer
Hello! When I see this in the log, does this mean it is because the server does not allow recursion? Aug 4 18:52:19 bitmachine1 named[26142]: client 127.0.0.1#52733 (c303.cloudmark.com): query (cache) 'c303.cloudmark.com/A/IN' denied Aug 4 18:56:08 bitmachine1 named[26142]: client 127.0.0.1#32

Re: named is not finding the keys for DNSSEC

2016-08-04 Thread Andreas Meyer
Hi! > Tony Finch wrote on 04.08.16 at 09:21:36: > > The error suggests to me that you have a key-directory mismatch, but you > > seem to have that under control. That was the right hint! I had no key-directory "/var/lib/named/keys"; specified in named.conf. There also is no key-directory

Re: named is not finding the keys for DNSSEC

2016-08-04 Thread Andreas Meyer
Hello! Tony Finch wrote on 04.08.16 at 09:21:36: > > The key is named Kbitcorner.de.+005+16938.private but named is looking for > > a key named bitcorner.de/RSASHA1/16938 or is it just substituting? > > The error message refers to the key ID rather than the filename - in more > recent ver

Re: named is not finding the keys for DNSSEC

2016-08-03 Thread Andreas Meyer
the files belonging to root. > > > Regards > Volker > > > > On 03.08.2016 at 18:33, Andreas Meyer wrote: > > > > Hello! > > > > Just subscribed to the list. I wanted to implement DNSSEC > > with bind but have no luck

named is not finding the keys for DNSSEC

2016-08-03 Thread Andreas Meyer
Hello! Just subscribed to the list. I wanted to implement DNSSEC with bind but have no luck with this one. When named starts it says it can't read the private keys. dns_dnssec_keylistfromrdataset: error reading private key file bitcorner.de/RSASHA1/16938: file not found dns_dnssec_keylistfromr