Re: Authoritative and caching

2025-03-12 Thread Mark Andrews
I shouldn’t have tried to write that on the phone from memory. dnssec-policy "unlimited" { keys { csk lifetime unlimited algorithm ECDSAP256SHA256; }; }; zone "jungersen.dk" { type master; file "/etc/bind/zones/db.jungersen.dk"; allow-transfer { 192.168.20.11; };

Re: Authoritative and caching

2025-03-12 Thread Danjel Jungersen via bind-users
On 20-02-2025 08:40, Mark Andrews wrote: The zone is available publicly, but from public servers not hosted by me (one.com). And points to my external ip. My internal bind redirects local traffic directly to local servers on local ip's. DNSSEC is designed to stop spoofed answers being accepte

Re: Using a PCIe HSM card with BIND

2025-03-12 Thread Ondřej Surý
Hi Sergio, the BIND 9 documentation covers this: https://bind9.readthedocs.io/en/v9.18.34/chapter5.html#pkcs-11-cryptoki-support Since you are using OpenSSL you must ensure that Legacy engines are enabled. I would however recommend switching to 9.20.6 that has support for more modern OpenSSL Pr

Using a PCIe HSM card with BIND

2025-03-12 Thread Sergio Ramirez
Hi, We need to integrate a "Thales Luna HSM PCIe 7" card, that we just purchased, with the most updated BIND version that works in this scenario. We had followed carefully the instructions given by the Thales documents but we had no successful results. Also, we had contacted the Thales p