On 29.12.2015 14:30, Günther J. Niederwimmer wrote:
Hello,

Is it possible to install a DSNSEC Master with my before created KSK ZSK?

Background:

I have installed a IPA Master on my System now I have change the Hardware and
make a new installation with new Hardware?

I have only a backup from the Files in
/var/named/dyndb-ldap/ipa/master/example.com/keys/

When I now enable a new DNSSEC Master create freeIPA new KSK ZSK for the
Domain ?

Then I have to wait after the holidays to UPDATE the DS Record on my ISP :-(.

Thanks for a answer,

I'm not sure if this is possible,

IPA uses openDNSSEC, and it needs softhsm database and database of keys metadata, which are not located in /var/named/...

New installation of DNSSEC master will create new keys.

My colleague is more familiar with bind-dyndb-ldap, but he will be available after holidays too.

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to