On Thu, 2010-02-11 at 10:26 +0200, Patrik Wallström wrote: > On Feb 11, 2010, at 6:50 AM, Antti Ristimäki wrote: > > > Hi, > > > > Is it possible to disable the automatic resign altogether and rely on > > triggering the signing process via some external script only that is > > executed periodically? > > > > Sure we can set the <Resign> interval high enough but I was just > > wondering whether the automatic resign could be disabled by setting the > > <Resign> value to zero or something? > > > If you set the <Serial> option to "keep" in the <SOA> block in kasp.xml, you > might get what you want. What happens then is that you only resign when the > SOA serial has increased, and you can trigger that with "ods-signer sign > zonename". Will that work for you?
Yes, actually we are currently doing it this way and it seems to work. I was just curious to know whether it could be possible to disable the automatic resign altogether so that the signer wouldn't even try to sign the zone automatically. Antti _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
