On 14-10-2022 15:26, PGNet Dev wrote:
zone "example.com" IN {
type master; file "/namedb/master/example.com.zone";
dnssec-policy "pgnd";
key-directory "/keys/dnssec/example.com";
update-policy { grant pgnd-external-rndc-key zonesub txt; };
};
what's the source of the "zone_rekey:dns_zone_getdnsseckeys"?
specifically, what's not being found?
have i missed/miconfig'd config, omitted a file/dir that current config
expects, or is this a bug?
Did you check that BIND has access to key-directory?
In the example.com domain above you are using an absolute path. BIND
needs to be able to read and write in '/keys/dnssec/example.com'.
Normally this is a relative path. Relative to 'directory' option.
Think ownership, permission and things like SELinux, AppArmore depending
on your OS.
-- Sandro
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
