My understanding from the ARM is that the dnssec-policy can be in the
"options", "view" or "zone". I have mine in "view" and when I try to move
into "options" I get a syntax error that I cannot seem to understand what
is wrong. I stripped out all other statements and reduced the
dnssec-policy to just a handful of items to KISS and I still do not see why
why I get the error from named-checkconf. I can move the block from under
"options" to the "view" and it just works so I am not sure why
named-checkconf thinks there is a missing semicolon? Bind 9.16.23-RH.
# named-checkconf 1.conf
1.conf:3: missing ';' before '{'
1.conf:3: '}' expected near '{'
# cat 1.conf
options {
dnssec-policy "mydefault" {
keys {
csk key-directory lifetime unlimited algorithm ecdsa256;
};
};
};
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
