On 29.12.2015 14:30, Günther J. Niederwimmer wrote:
Hello,
Is it possible to install a DSNSEC Master with my before created KSK ZSK?
Background:
I have installed a IPA Master on my System now I have change the Hardware and
make a new installation with new Hardware?
I have only a backup from the Files in
/var/named/dyndb-ldap/ipa/master/example.com/keys/
When I now enable a new DNSSEC Master create freeIPA new KSK ZSK for the
Domain ?
Then I have to wait after the holidays to UPDATE the DS Record on my ISP :-(.
Thanks for a answer,
I'm not sure if this is possible,
IPA uses openDNSSEC, and it needs softhsm database and database of keys
metadata, which are not located in /var/named/...
New installation of DNSSEC master will create new keys.
My colleague is more familiar with bind-dyndb-ldap, but he will be
available after holidays too.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
