Hi Kim,
Thank you for your email. I'll give this a shot. I did run dns-signzone on both
zones again but I didn't remove the signed zones first.
Regards,
-Ryan
Original Message
From: Kim Culhan
Sent: Friday, March 30, 2018 06:32 PM
To: bind-users@lists.isc.org
Subject: Re: error reading private key file, ddns_update update failed not found
>On Fri, March 30, 2018 4:57 pm, Ryan McGuire wrote:
>
>> Mar 29 15:50:39 bind named[99]: dns_dnssec_findzonekeys2: error > reading
>private key file mcguire.local/RSASHA256/43356: file not > > found
>> Mar 29 15:50:39 bind named[99]: dns_dnssec_findzonekeys2: error > reading
>private key file mcguire.local/RSASHA256/43345: file not >found
>
>Recent experience has been that the 'key file not found' problem an result
>from
>replacing the key files in the key directory.
>
>When the zone is signed, bind retains the key files which existed at that
>time
>by including them in the signed zone files.
>
>There may be a better way to fix this, but I found it necessary to re-sign
>the zone
>after removing the existing signed zones files:
>
>As in: rm domain.zone.* then resign the zone.
>
>In the process of Googling for a solution to this problem for days I found
>only one
>more 'sophisticated' approach to this problem.
>
>This is probably not the best way to do this, but it gets the server up and
>running
>again in a few minutes.
>
>Maybe someone will followup to this 'solution' with the correct way and it
>may be
>you didn't make the mistake I did and re-generate the keys.
>
>thanks
>-kim
>
>___
>Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
>from this list
>
>bind-users mailing list
>bind-users@lists.isc.org
>https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
