On 8/18/16 1:29 PM, Jim Fenton wrote:
> The extra DNSKEY records were not present in the zone file of the master
> server, so I reinitiated a zone transfer and this did not help. I
> checked the signed zone file on the master with named-checkzone and only
> the desired DNSKEY records were there.
I recently switched from external signing of my zone to use of BIND 9.9
inline signing. While things went fairly smoothly on the master server,
my slave ended up with a bunch of spurious DNSKEY records that came from
my previous keys (I generated new keys when I went to inline signing).
The extra
2 matches
Mail list logo
