Hi Michael,
There is no other way to get this information. But you can compute it by
yourself using keymgr list and
https://www.knot-dns.cz/docs/3.3/singlehtml/index.html#zsk-lifetime
Honestly, I don't consider monitoring the rollovers to be extra interesting if
properly configured.
Daniel
On 3/6/24 23:29, Michael Grimm via knot-dns-users wrote:
Daniel Salzman via knot-dns-users <[email protected]> wrote:
CZ.NIC has released Knot DNS 3.3.5!
[…]
Changelog:
https://gitlab.nic.cz/knot/knot-dns/-/releases/v3.3.5
"knotd: new DNSSEC key rollover log informs about next planned key action"
Thanks, now I do see: "info: [ellael.org.] DNSSEC, next key action, ZSK, generate at
2024 …" in the logfile.
But please ignore my ignorance, "knotc -e zone-status ellael.org
<http://ellael.org/>" doesn't show rollover dates, correct?
Is there another way to get that rollover info by knotc?
Regards,
Michael
--
--
