I've had bind 9.9.4 doing dnssec for a few years now. All the zones are configured with:
key-directory "/var/named/keys";
auto-dnssec maintain;
inline-signing yes;
I just added a bunch of zones, and 8 of them are failing with:
dns_dnssec_findzonekeys2: error reading private key file
<ZONE>/RSASHA1/27456: file not found
I did an strace and find that when it looks for
K<ZONE>.+008+<NUMBER>.private
it's looking for a different <NUMBER>
I've re-run dnssec-keygen and rndc sign on the zones, but that doesn't
fix things. I'm not sure what is going on or how to fix it...
The main impact is filling up the log file - these zones aren't tied
into the root chain yet, but I'd like to get it fixed...
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
