Due to customer requirements, I'm deploying BIND 9.8.2 on RHEL 6.8 and can
neither upgrade BIND to a newer version or upgrade to RHEL 7. I have
successfully configured a master and slave DNS server, DNSSEC, with
Transaction Signatures, and have performed a successful manual zone update,
incremented the serial number, resigned the zone, and completed a zone
transfer of a DNSSEC-signed zone file for which the master server is
authoritative. 

I have read in Michael W. Lucas' DNSSEC Mastery book that BIND 9.9 and newer
can automatically sign zones and refresh signatures (RRSIGs), but older
versions cannot (p. 53). Unfortunately, I have to use BIND 9.8.2. Manually
efreshing RRSIGs for all zones his is quite a task to refresh signatures if
the client requires RRSIGs to be renewed once per 7 days. Is it possible to
automatically refresh RRSIGs in BIND 9.8.2 by any means automatically?



--
View this message in context: 
http://bind-users-forum.2342410.n4.nabble.com/Automatic-RRSIG-Refresh-in-BIND-9-8-2-tp3946.html
Sent from the Bind-Users forum mailing list archive at Nabble.com.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to