On 2021-05-13 09:41, Software Info wrote:
Wow. Thanks so much for all the responses. Really appreciate it. They
made me truly realize that a lot on the info on the net may be either
incomplete or just old. I understand a bit better now.
I added the line inline-signing yes;
inline-signing is not
Wow. Thanks so much for all the responses. Really appreciate it. They made me
truly realize that a lot on the info on the net may be either incomplete or
just old. I understand a bit better now.
I added the line inline-signing yes; as was suggested and reloaded bind. I am
now seeing the .signed,
Peter Fraser wrote:
>
> I am using bind-9.14.x and here are the DNSSEC related entries in the zone.
>
> auto-dnssec maintain;
> update-policy local;
> key-directory “zones/domain-keys”;
How you go about this depends on whether your configuration enables
`inline-signing` or not.
If it has inline-
Hi Peter ..
How do you know your DNSSEC is working to begin with?
Here is a URL that I prefer to use that will help answer that question:
https://dnsviz.net/
What you are looking for is your to zone to be “secure”.
Since you are an experienced BIND admin .. any clues to be found in the logs?
4 matches
Mail list logo
