Re: bind 9.10-P2 dnssec keys management

2014-08-07 Thread Mark Andrews
Please FIX your email client. It really stuffs up the text/plain by adding in additional lines. In message <102153bef555e7489ca5d54165c431a301301...@exchbsi02.ttt.co.th>, "Jit tinan Suwanruengsri" writes: > > Hi, > > 1. my server use key id 23412 first and then 40767 > > > > [root@dnssec k

Re: bind 9.10-P2 dnssec keys management

2014-08-07 Thread Evan Hunt
> 3. I use dig to check whether bind activate new key correctly or > not but I notice there is some dns records which are signed by new key > and some dns records are signed by old key. In therory,After new ZSK is > activated.All dns records must be signed with new key. After a new ZSK is ac

bind 9.10-P2 dnssec keys management

2014-08-07 Thread Jittinan Suwanruengsri
Hi, 1. my server use key id 23412 first and then 40767 [root@dnssec keys]# dnssec-settime -p all Kexample.com.+005+23412 Created: Wed Jul 30 14:56:09 2014 Publish: Wed Jul 30 14:56:09 2014 Activate: Fri Aug 1 14:56:09 2014 Revoke: UNSET Inactive: Sun Aug 31 14:56:09 2014 Delete: M