Re: trying DNSSEC with 9.9-rc1

2012-02-02 Thread Mark Elkins
On Wed, 2012-02-01 at 17:18 -0500, Michael W. Lucas wrote:
> Hi,
>
> I'd put off DNSSEC because of the high maintenance requirement. But
> with 9.9 and inline signing, it looks like I can now do DNSSEC the way
> I need (static zone files that work with legacy tools, automatic key
> rotation, etc.)

Re: trying DNSSEC with 9.9-rc1

2012-02-01 Thread Michael W. Lucas
On Wed, Feb 01, 2012 at 11:51:55PM +, Spain, Dr. Jeffry A. wrote:
> > Any suggestions, folks? What am I not understanding?
>
> Michael: To determine why there is no DNSSEC information being returned by
> your dig query, consider the following:
>
> What are the timestamps in your key metadata

RE: trying DNSSEC with 9.9-rc1

2012-02-01 Thread Spain, Dr. Jeffry A.
> Any suggestions, folks? What am I not understanding?

Michael: To determine why there is no DNSSEC information being returned by your dig query, consider the following:

What are the timestamps in your key metadata? Are they currently published and active? nstest/etc/namedb/keys;dnssec-settime