Re: CNAME restrictions

2020-08-04 Thread Kevin Darcy
Offhand, it looks like the server side is configured to only allow authenticated updates, but you're sending an unauthenticated one. A more nuanced issue might be if the ID you're running the nsupdate as, can't read the key files, so even though you may

Re: Cannot get nsupdate to work (for letsencrypt acme.sh client)

2020-08-04 Thread Brett Delmage
On Wed, 5 Aug 2020, Mark Andrews wrote:
> Your key name usage is not consistent. acmesh-ottawatch != ottawatch-acmesh
Thank you! Fixed and working.
> Why are you adding `check-names warn;`? check-names does NOT apply to TXT records.
Previously I was getting the error "bad owner name

Cannot get nsupdate to work (for letsencrypt acme.sh client)

2020-08-04 Thread Brett Delmage
I'm having a problem getting nsupdate to work, as shown below. (Despite reading the man pages I'm not 100% clear about the exact scope of the grant options and it may not be right. Examples would be helpful.) I generated the key: ddns-confgen -k acmesh-ottawatch. -z ottawatch.ca # To

Invalid class in dns query

2020-08-04 Thread Trevor Woolley
Hi all, Looking for a temporary workaround, while an issue gets resolved. I have a DNS query coming in with an invalid class requested (65 or 0x41). The workaround I’m looking for is one that just uses the IN class (1 or 0x01), if I have to duplicate all records required into “CLASS65” it could

Re: CNAME restrictions

2020-08-04 Thread Leroy Tennison
Thank you, -d surfaced the issue - now to decide what to do about it...

Re: Cannot get nsupdate to work (for letsencrypt acme.sh client)

2020-08-04 Thread Mark Andrews
Thanks for full details.
Your key name usage is not consistent. acmesh-ottawatch != ottawatch-acmesh
Why are you adding `check-names warn;`? check-names does NOT apply to TXT records.
Mark
> On 5 Aug 2020, at 08:44, Brett Delmage wrote:
>
> I'm having a problem getting nsupdate to work, as

Re: Cannot get nsupdate to work (for letsencrypt acme.sh client)

2020-08-04 Thread Mark Andrews
> On 5 Aug 2020, at 13:12, Brett Delmage wrote:
>
> On Wed, 5 Aug 2020, Mark Andrews wrote:
>
>> Your key name usage is not consistent. acmesh-ottawatch != ottawatch-acmesh
>
> Thank you! Fixed and working.
>
>> Why are you adding `check-names warn;`? check-names does NOT apply to TXT
>>

Re: CNAME restrictions

2020-08-04 Thread Matus UHLAR - fantomas
On 04.08.20 17:29, Leroy Tennison wrote:
> I have a situation where, due to the system's location (IP subnet), its DNS name is ..datavoiceint.com. We have a certificate for *.datavoiceint.com which we prefer to use
wildcard in certificates only covers one level of subdomains, so

CNAME restrictions

2020-08-04 Thread Leroy Tennison
I have a situation where, due to the system's location (IP subnet), its DNS name is ..datavoiceint.com. We have a certificate for *.datavoiceint.com which we prefer to use instead of having to acquire a certificate for .datavoiceint.com since this is a one-off internal-only web server. Our