On Feb 19 2014, Alan Clegg wrote:
On 2/19/14, 8:59 PM, Chris Thompson wrote:
What is the right way ... or maybe I should be asking IS there a right
way ... to change a zone that has been signed by inline signing (i.e. with
inline-signing yes; auto-dnssec maintain; in it zone statement) to
Thanks - I have now tried that (set the deletion date to now with
dnssec-settime), and it does work. You end up with a [zone-file].signed
which is not actually signed being served, but being maintained from
[zone-file] in an incremental way.
I suppose this is indeed the way to go with the flow
On Mar 6 2014, Graham Clinch wrote:
Thanks - I have now tried that (set the deletion date to now with
dnssec-settime), and it does work. You end up with a [zone-file].signed
which is not actually signed being served, but being maintained from
[zone-file] in an incremental way.
I suppose this
Hi Chris co,
Using 9.9.5, I get messages exactly like that
when updating the unsigned zone file while there are no keys.
Thanks for the confirmation - I've logged bind9 bug #35502
inline-signed zone, with no keys, does not synchronise changes made in
master file.
Back on topic - I didn't
What is the right way ... or maybe I should be asking IS there a right
way ... to change a zone that has been signed by inline signing (i.e. with
inline-signing yes; auto-dnssec maintain; in it zone statement) to unsigned?
When I change the zone statement to remove the inline signing part, and
On 2/19/14, 8:59 PM, Chris Thompson wrote:
What is the right way ... or maybe I should be asking IS there a right
way ... to change a zone that has been signed by inline signing (i.e. with
inline-signing yes; auto-dnssec maintain; in it zone statement) to
unsigned?
When I change the zone
6 matches
Mail list logo