Re: rndc and nsupdate failing to work for me

Hi John,  thanks for replying and your thoughts! I will intersperse my feedback within your comments - On 03/13/2019 08:33 PM, John W. Blue wrote: > > Marc, > >   > > Regarding your rndc problem, I think you might be confusing rndc. > >   > > If rndc is invoked with no options, specifically “k”, t

Re: DELV 9.12.3-P1 - Issue Loading Trusted Keys

On Wed, Mar 13, 2019 at 06:52:38PM +, LeBlanc, Daniel James wrote: > sudo /var/named/bin/delv @ -a /var/named/keys/trythese.keys > -b127.0.0.1 ansible.test.dnsview.newdomain.bell.ca +rtrace +multiline +mtrace > +vtrace > > ...and getting this result: > > /var/named/bin/delv: No trusted keys

RE: rndc and nsupdate failing to work for me

Marc, Regarding your rndc problem, I think you might be confusing rndc. If rndc is invoked with no options, specifically “k”, then rndc assumes the key it needs is in the rndc.conf file. If rndc.conf is not present, rndc will use the default rndc.key file. That said, since rndc knows there is

rndc and nsupdate failing to work for me

Hello Bind Users, I have been working on upgrading my Bind 9.11.2 server (running on a Linux system, OpenSuSE Leap 15) so that I can accept DNS challenges/verification from/for LetsEncrypt certificates, and I am running into a wall trying to get nsupdate (and rndc which I wanted to use to test the

DELV 9.12.3-P1 - Issue Loading Trusted Keys

Hello. I am having difficulty configuring DNSSEC local trust anchors in ISC BIND 9.12.3-P1. In the process of troubleshooting I turned to delv and discovered that for some reason my trusted-keys are not being loaded (if I point delv at the bind.keys file it loads fine so perhaps there is some

Re: Error: zone example.com/IN (signed): receive_secure_serial: unchanged

Tom wrote: > > DNSSEC is working fine on the zone "example.com", but as I mentioned: The > severity is "error" and it's not clear why. It looks to me like the code is re-using its error path clean-up in a case where there is nothing to do, and if it is as simple as that then the patch below shoul

Re: Error: zone example.com/IN (signed): receive_secure_serial: unchanged

Hi list Any hints on the error below after restarting bind (using BIND-9.12.3-P1)? zone example.com/IN (signed): receive_secure_serial: unchanged DNSSEC is working fine on the zone "example.com", but as I mentioned: The severity is "error" and it's not clear why. Many thanks for any hints/id