Due to customer requirements, I'm deploying BIND 9.8.2 on RHEL 6.8 and can neither upgrade BIND to a newer version or upgrade to RHEL 7. I have successfully configured a master and slave DNS server, DNSSEC, with Transaction Signatures, and have performed a successful manual zone update, incremented the serial number, resigned the zone, and completed a zone transfer of a DNSSEC-signed zone file for which the master server is authoritative.
I have read in Michael W. Lucas' DNSSEC Mastery book that BIND 9.9 and newer can automatically sign zones and refresh signatures (RRSIGs), but older versions cannot (p. 53). Unfortunately, I have to use BIND 9.8.2. Manually efreshing RRSIGs for all zones his is quite a task to refresh signatures if the client requires RRSIGs to be renewed once per 7 days. Is it possible to automatically refresh RRSIGs in BIND 9.8.2 by any means automatically? -- View this message in context: http://bind-users-forum.2342410.n4.nabble.com/Automatic-RRSIG-Refresh-in-BIND-9-8-2-tp3946.html Sent from the Bind-Users forum mailing list archive at Nabble.com. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
