Is there a recommended order of operations when moving DNSSEC-enabled nameservers to a hidden-master setup?
I'm hoping it's just as simple as moving all these files into place on the hidden master: *.key *.private managed-keys.bind *.jbk *.jnl *.signed *.signed.jnl If not, what do I need to do? In theory I suppose I could crank all TTLs down to 0 and generate new keys on the hidden master and generate new DS keys for the registrar, but is that necessary? This is all on bind 9.9.4. Thanks. dn _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
