Re: AW: How to prepublish additional DNSKEY

From Daniel Stirnimann <daniel.stirnimann@switch.ch>
Newsgroups comp.protocols.dns.bind
Subject Re: AW: How to prepublish additional DNSKEY
Date 2020-07-09 12:43 +0200
Message-ID <mailman.662.1594291431.942.bind-users@lists.isc.org>
References <3E18C1A0C550C44DA156DA5DA8ECCC6AB622808F@NICS-EXCH2.sbg.nic.at> <alpine.DEB.2.20.2007081628490.9145@grey.csi.cam.ac.uk> <3E18C1A0C550C44DA156DA5DA8ECCC6AB622A510@NICS-EXCH2.sbg.nic.at> <8bfafdd3-edb6-8e2a-e20b-d4d094cb7c32@switch.ch>


On 09.07.20 11:51, Klaus Darilion wrote:
>>> So, how is the correct process to add an additional DNSKEY (only the public key is known).
>>
>> I think you are looking for `dnssec-importkey`.
> 
> Indeed. I imported the key and got a .key and .private file. I put those files in the same directory as the other keys, gave read permissions to bind and executed:
> rndc loadkeys myzone
> rndc sign myzone
> 
> But the additional key is not added to the response of DNSKEY queries.

Does the key have correct timing metadata in the key file?

Have a look at "dnssec-settime".

Daniel
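
An added example, not part of the original post and not BIND code: a small checker that reads the timing metadata comments from a `K*.key` file and reports whether the key is eligible for publication at a given time. The sample key file is constructed (key name, key id and key data are placeholders), and the decision rule is a simplified assumption (Publish must be set and not in the future, Delete must not have passed), not named's exact logic.

```python
import re
from datetime import datetime, timezone

# Constructed sample of a K*.key file; name, key id and key data are placeholders.
SAMPLE_KEY_FILE = """\
; This is a key-signing key, keyid 12345, for myzone.
; Created: 20200709090000 (Thu Jul  9 09:00:00 2020)
; Publish: 20200801000000 (Sat Aug  1 00:00:00 2020)
myzone. IN DNSKEY 257 3 8 AwEAAc...placeholder
"""

# Timing metadata is stored as ';' comment lines with a 14-digit UTC timestamp.
META_RE = re.compile(
    r"^;\s*(Created|Publish|Activate|Revoke|Inactive|Delete):\s*(\d{14})\b"
)


def parse_timing(text):
    """Return {field: timezone-aware UTC datetime} from the comment lines."""
    meta = {}
    for line in text.splitlines():
        m = META_RE.match(line)
        if m:
            stamp = datetime.strptime(m.group(2), "%Y%m%d%H%M%S")
            meta[m.group(1)] = stamp.replace(tzinfo=timezone.utc)
    return meta


def publish_status(text, now):
    """Classify the key under the simplified rule assumed for this example."""
    meta = parse_timing(text)
    publish, delete = meta.get("Publish"), meta.get("Delete")
    if delete is not None and delete <= now:
        return "deleted"            # Delete time has passed
    if publish is None:
        return "no-publish-time"    # nothing says the key should be in the zone
    if publish > now:
        return "publish-in-future"  # would not yet appear in DNSKEY answers
    return "publishable"


if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    print(publish_status(SAMPLE_KEY_FILE, now))
```

On a real key, `dnssec-settime -p all <keyfile>` prints the same fields, and `dnssec-settime -P <date/offset> <keyfile>` sets the publication time.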
