Re: [Freeipa-users] dnssec support in 4.1
On 07/22/2015 03:52 PM, Andrew E. Bruno wrote: On Wed, Jul 22, 2015 at 04:48:33PM +0300, Alexander Bokovoy wrote: On Wed, 22 Jul 2015, Andrew E. Bruno wrote: Apologies if this has been answered before but we're interested in dnssec support in FreeIPA. Running Centos 7.1.1503, ipa-server 4.1.0-18 and following the docs here: https://www.freeipa.org/page/Howto/DNSSEC and http://www.freeipa.org/page/Releases/4.1.0#DNSSEC_Support # ipa-dns-install --dnssec-master Usage: ipa-dns-install [options] ipa-dns-install: error: no such option: --dnssec-master Is this not supported in 4.1.0? If not, is there a manual way to get zone signing to work? DNSSEC support is switched off in RHEL 7.1 (and CentOS 7.1) but is available in Fedora 21+/upstream bits. We plan to bring DNSSEC support to next RHEL 7 update, thanks to stabilization work done after RHEL 7.1 release. Sounds great. Thanks. Looking forward to the next update. Cool! BTW, if you are interested in DNSSEC, we would really welcome your early testing of the feature so that any potential issues can be caught even before the bits hit RHEL/CentOS - there is still time. More details about the release and repos where to get it: http://www.freeipa.org/page/Releases/4.2.0 Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] dnssec support in 4.1
On Wed, Jul 22, 2015 at 04:48:33PM +0300, Alexander Bokovoy wrote: > On Wed, 22 Jul 2015, Andrew E. Bruno wrote: > >Apologies if this has been answered before but we're interested in > >dnssec support in FreeIPA. Running Centos 7.1.1503, ipa-server 4.1.0-18 > >and following the docs here: > >https://www.freeipa.org/page/Howto/DNSSEC > > > >and > > > >http://www.freeipa.org/page/Releases/4.1.0#DNSSEC_Support > > > ># ipa-dns-install --dnssec-master > >Usage: ipa-dns-install [options] > > > >ipa-dns-install: error: no such option: --dnssec-master > > > > > >Is this not supported in 4.1.0? If not, is there a manual way to get > >zone signing to work? > DNSSEC support is switched off in RHEL 7.1 (and CentOS 7.1) but is > available in Fedora 21+/upstream bits. > > We plan to bring DNSSEC support to next RHEL 7 update, thanks to > stabilization work done after RHEL 7.1 release. Sounds great. Thanks. Looking forward to the next update. > -- > / Alexander Bokovoy > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] dnssec support in 4.1
On Wed, 22 Jul 2015, Andrew E. Bruno wrote: Apologies if this has been answered before but we're interested in dnssec support in FreeIPA. Running Centos 7.1.1503, ipa-server 4.1.0-18 and following the docs here: https://www.freeipa.org/page/Howto/DNSSEC and http://www.freeipa.org/page/Releases/4.1.0#DNSSEC_Support # ipa-dns-install --dnssec-master Usage: ipa-dns-install [options] ipa-dns-install: error: no such option: --dnssec-master Is this not supported in 4.1.0? If not, is there a manual way to get zone signing to work? DNSSEC support is switched off in RHEL 7.1 (and CentOS 7.1) but is available in Fedora 21+/upstream bits. We plan to bring DNSSEC support to next RHEL 7 update, thanks to stabilization work done after RHEL 7.1 release. -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project