Hi! Im have just set the opendnssec with sosfthsm in prod for some domains.. works very easy. The only thing Is that u need to add cron stuff for backup and set the trust chain with the registrar every 12 month. :) Easy to add zones..
Med vänliga hälsningar / Best regards / Ystävällisin terveisin / S pozdravem, //Anders Larsson Technical Security Specialist * Tieto, Managed Services and Transformation, MDZ Datacenter Services, MDN * Tredje Bassängvägen 2 * SE-115 83 Stockholm * Visitors address: Fjärde Bassängvägen 15 www.tieto.com * Tel: +46 (0)10 481 02 20 * Mobil: +46 (0)70 656 42 64 * Mail: [email protected] ********************************************** ---- Debian is they way to salvation ---- --- How Hard Can It Be --- -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Peter Olsson Sent: den 17 december 2012 03:20 To: [email protected] Subject: [Opendnssec-user] DNSSEC check tools (CLI, not GUI)? I use yazvs.pl on our DNSSEC domains, but it stopped working because of a removed method new_from_hash in Net:DNS:RR. I'm not a perl programmer, so I have to change to another DNSSEC check tool. Requirements are: * Run from cron * Preferably written in python, perl, C or bash script * I want the tool to check, at least, that the DNSSEC zone and its keys and signatures are working and valid from the Internet point of view, and that there are no keys expiring in less than X days I'm currently looking at the tools at http://otrs.menandmice.com/otrs/public.pl?Action=PublicFAQZoom;ItemID=139 But I thought that there must be some good recommendations from members of this list. Thanks! -- Peter Olsson [email protected] _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
