On Fri, March 30, 2018 4:57 pm, Ryan McGuire wrote:
> Mar 29 15:50:39 bind named[99]: dns_dnssec_findzonekeys2: error reading private key file mcguire.local/RSASHA256/43356: file not found
> Mar 29 15:50:39 bind named[99]: dns_dnssec_findzonekeys2: error reading private key file mcguire.local/RSASHA256/43345: file not found

Recent experience has been that the 'key file not found' problem can result from replacing the key files in the key directory. When the zone is signed, bind retains the key files which existed at that time by including them in the signed zone files.

There may be a better way to fix this, but I found it necessary to re-sign the zone after removing the existing signed zone files, as in:

rm domain.zone.*

then re-sign the zone.

In the process of Googling for a solution to this problem for days I found only one more 'sophisticated' approach to this problem. This is probably not the best way to do this, but it gets the server up and running again in a few minutes. Maybe someone will follow up to this 'solution' with the correct way and it may be you didn't make the mistake I did and re-generate the keys.

thanks
-kim
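
A diagnostic for the situation described in the message, added here as an example and not part of the original post or of BIND: it maps each logged error to the file names dnssec-keygen gives a key (K<zone>.+<algorithm number>+<key tag>) and reports which of them are absent from the key directory. The function names, the temporary key directory and key tag 12345 are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# DNSSEC algorithm mnemonics -> IANA algorithm numbers used in key file names
ALGORITHMS = {"RSASHA1": 5, "NSEC3RSASHA1": 7, "RSASHA256": 8, "RSASHA512": 10,
              "ECDSAP256SHA256": 13, "ECDSAP384SHA384": 14, "ED25519": 15, "ED448": 16}

KEY_ERROR = re.compile(
    r"error reading private key file (?P<zone>\S+)/(?P<alg>[A-Z0-9]+)/(?P<tag>\d+):")

def expected_key_files(zone, alg, tag):
    """Return the (.key, .private) file names dnssec-keygen gives this key."""
    base = f"K{zone.rstrip('.')}.+{ALGORITHMS[alg]:03d}+{int(tag):05d}"
    return base + ".key", base + ".private"

def missing_keys(log_lines, key_dir):
    """Map each logged key error to the expected files absent from key_dir."""
    key_dir = Path(key_dir)
    report = {}
    for line in log_lines:
        m = KEY_ERROR.search(line)
        if not m or m["alg"] not in ALGORITHMS:
            continue  # not a key error, or an algorithm this table does not cover
        names = expected_key_files(m["zone"], m["alg"], m["tag"])
        absent = [n for n in names if not (key_dir / n).is_file()]
        if absent:
            report[(m["zone"], m["alg"], int(m["tag"]))] = absent
    return report

# The two log lines quoted in the message above
SAMPLE_LOG = [
    "Mar 29 15:50:39 bind named[99]: dns_dnssec_findzonekeys2: error reading "
    "private key file mcguire.local/RSASHA256/43356: file not found",
    "Mar 29 15:50:39 bind named[99]: dns_dnssec_findzonekeys2: error reading "
    "private key file mcguire.local/RSASHA256/43345: file not found",
]

def demo():
    """Check SAMPLE_LOG against a constructed key directory."""
    with tempfile.TemporaryDirectory() as d:
        # Constructed: the directory holds only a regenerated key with a new tag
        for name in ("Kmcguire.local.+008+12345.key", "Kmcguire.local.+008+12345.private"):
            (Path(d) / name).write_text("constructed placeholder\n")
        return missing_keys(SAMPLE_LOG, d)

if __name__ == "__main__":
    for key, files in demo().items():
        print(key, "missing:", ", ".join(files))
```

If every key the signed zone refers to is reported missing while keys with other tags are present, the key files were replaced after signing, which is the case the message describes.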