Hopefully this is a duh moment that I'm having. I am testing out what happens
when you have set the ZSK inactive and delete times and then try to sign the
zone via a rndc reload zonename command (using static zone file with inline
signing).
We have 3 keys as listed below:
KSK - 63406
ZSK -
I have opened up a Bug ticket with ISC on this - #26676, but I just wanted to
make sure that I'm not doing anything wrong that may be causing the issue.
Has anyone been able to get inline-signing to work on a static master zone
using an authoritative server?
When we manually change the Master
Kevin McConville
University at Albany
-Original Message-
From: Jan-Piet Mens [mailto:jpm...@gmail.com] On Behalf Of Jan-Piet Mens
Sent: Tuesday, November 22, 2011 1:02 PM
To: McConville, Kevin
Cc: bind-users@lists.isc.org
Subject: Re: Bind 9.9.0b2 inline signing...
22-Nov-2011 11:25:28.320
First off, Thank you to all who responded/helped in my previous post - this
list is a wonderful community. The inline-signing is now working...sort of.
We edit the static zone, adding a resource record (of any type), increment the
serial, and then do a rndc reload. However, Bind is still
[mailto:e...@isc.org]
Sent: Thursday, November 17, 2011 12:27 PM
To: McConville, Kevin
Cc: bind-users@lists.isc.org
Subject: Re: Bind 9.9.0B1 Inline-Signing Question
We edit the static zone, adding a resource record (of any type),
increment the serial, and then do a rndc reload. However, Bind
as keeping everyone up to date on the issue.
Thanks,
-Kevin
Kevin McConville
University at Albany
-Original Message-
From: Evan Hunt [mailto:e...@isc.org]
Sent: Thursday, November 17, 2011 2:15 PM
To: McConville, Kevin
Cc: bind-users@lists.isc.org
Subject: Re: Bind 9.9.0B1 Inline
I know that this isn't the forum for betas, which is why I put off-topic on the
subject line. We are trying to implement DNSSEC for our static zones. While
the dynamic signing has been automated, static inline-signing isn't available
until Bind 9.9
We have been testing with the alphas and now
I'm new to this list, so please bear with me if these are/seem like newbie
questions.
We are currently evaluating a DNSSEC implementation. We have several static
zones that we would like to implement first. We are currently using ISC Bind
9.7.4 - In the test environment (1) Authoritative dns
8 matches
Mail list logo
