You can set 'purge-keys' to a value you feel comfortable with. By
default it is set to 90 days, so after 90 days the key is completely
hidden, it will be removed from disk.
Best regards,
Matthijs
On 19-03-2025 09:29, adrien sipasseuth wrote:
Hello,
I use Bind 9.20.4, with KASP policy to set
Hello,
I use Bind 9.20.4, with KASP policy to setup DNSSEC on some zone.
When a KSK are "hidden" and present with "rndc dnssec -status ",
i moved it to an archive repository.
But this generate many logs :
mars 19 09:15:46 xxx named[2378461]: 19-Mar-2025
09:15:46.149 dnssec: error: zon
2 matches
Mail list logo
