What "category" should one be logging in order to get details of DNSSEC
inline signing when running Bind 9.8.11?
I have an authoratitive master server with a number of domains set with:-
inline-signing yes;
auto-dnssec maintain;
and have a suspicion that Bind has simply stopped re-signing most of them.
This is based on monitoring of the time before expiry of signatures.
What I am looking for is the debug logging which shows Bind deciding what
needs resigning and when, as I would like to troubleshoot the issue. My
further suspicion is that restarting Bind would fix it.
Needless to say, there are no errors in the logs. I have tried the obvious
of turning up the "dnssec" logging to level 3, but get nothing at all so
far.
With many thanks.
Best wishes,
Matthew
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
