> > I always had the impression that dnssec-signzone is a stand-alone > > utility and signing is done either with dnssec-signzone or with > > Bind's dnssec-policy. Does it really work to use dnssec-signzone on a > > zone and journal that is managed by named? > > No, it doesn't work like that. You turn off automatic signing and use > dnssec-signzone manually to sign the zone. > > I was under the impression that you needed to sign a zone with a > specific salt. dnssec-signzone can do that for you.
OK. So this is a worst-case workaround. I was hoping to find a workaround with still Bind9 doing all the signing automatically :) Thanks Klaus -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
