Julian K. wrote:
> > There's your problem: not presigned. You need to set them
> > "presigned"
> > so that pdns knows they're signed and that it needs to send rrsig
> > records. To do this, you'll need to run
> >
> > pdnssec set-presigned zone
> I want the bindbackend to manage the keys an
There’s your problem: not presigned. You need to set them “presigned”
so that pdns knows they’re signed and that it needs to send rrsig
records. To do this, you’ll need to run
pdnssec set-presigned zone
I want the bindbackend to manage the keys and transparently sign my zones.
Does this r
On 05.08.2014 17:52:05, Julian K. wrote:
> Aug 5 17:11:08 h1988784 pdns[12055]: Domain 'ssl-tools.net' is
> fresh (not presigned, no RRSIG check)
There’s your problem: not presigned. You need to set them “presigned”
so that pdns knows they’re signed and that it needs to send rrsig
records. To d
Dead pdns users,
I am running a powerdns master with bind backend and a bind-dnssec-db.
Two superslaves receive their zones from the master using zone transfer.
After securing a zone and incrementing the serial, the master returns
RRSIG records if the DO flag is set, but the slaves do not:
|`