[ Quoting Matthijs Mekking at 10:01 on August 16 in "Re: [Opendnssec-user] confusing err"... ] > > But the setting is 'keep': > > > > $ ods-ksmutil policy export -p default | grep Serial > > <Serial>keep</Serial> > > > > I'm I doing something wrong here? > > Hi Miek, > > The 'keep' value tells the signer that the operator manually updates the > serial in the unsigned zone file. > > If the signer is triggered to sign, it should increment the outbound > serial. However, with <Serial>keep</Serial> it MUST use the serial from > the input zone to increment the outbound serial. If that value is not > greater than the outbound serial, the signer is unable to sign the zone.
Ah, of course. I didn't completely wipe out the ods stats, so it still knows what the prev serial is. *more coffee* Thanks for the quick reply. grtz Miek
signature.asc
Description: Digital signature
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
