Public bug reported: On 18.04 with bind9/bionic-updates,bionic-proposed,now 1:9.11.3+dfsg- 1ubuntu1.9
Where a zone file has DNSSEC enabled and an NSEC3PARAM record is added to the already-signed zone file: example.com. IN NSEC3PARAM ( 1 0 10 16 0d95646237ae38bc ) an attempt to re-sign the zone file fails with: dnssec-signzone -o example.com example.com.hosts dnssec-signzone: error: dns_rdata_fromtext: example.com.hosts:165: near '0d95646237ae38bc': extra input text dnssec-signzone: fatal: failed loading zone from 'example.com.hosts': extra input text This seems related to upstream report "Problems signing a zone that already contains an NSEC3PARAM" https://gitlab.isc.org/isc-projects/bind9/issues/953 ** Affects: bind Importance: Undecided Status: New ** Affects: bind9 (Ubuntu) Importance: Undecided Status: New ** Also affects: bind Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1842939 Title: dnssec-signzone: error when NSEC3PARAM record exists To manage notifications about this bug go to: https://bugs.launchpad.net/bind/+bug/1842939/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
