So, I setup up DNSSEC on my authoritative bind 9.12 server, which was very
straightforward and works fine:
dig covisp.net +dnssec +short @8.8.8.8
65.121.55.42
A 7 2 86400 20181008122535 20180908122535 17363 covisp.net.
pkpVdFONJ2dYN+7wQ4pVcQTlWIThY3+mbNdXsE8p5uWiLNvIefVT32JE
i9itA3Si91/pImofmPn
On 8 Sep 2018, at 14:58, @lbutlr wrote:
> so I think there must be something else.
You might need to so some other housekeeping:
https://zonemaster.net/domain_check
http://dnsviz.net/d/covisp.net/dnssec/
/Niall
signature.asc
Description: OpenPGP digital signature
On 09/08/2018 07:58 AM, @lbutlr wrote:
what do I need to do for other DNS servers?
I don't think you need to do anything special.
The zone signatures come form and are managed by the master name server.
The secondary name server(s) is (are) just additional servers with
copies of the zone.
Some clarification
Have you DNSSEC Signed your Domain - that is "covisp.net" because I
don't see any DS records for it in the "net" zone.
dig @a.gtld-servers.net. covisp.net ds
flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
returns the SOA for NET - so I know I got to the r
On 08 Sep 2018, at 09:59, Niall O'Reilly wrote:
> On 8 Sep 2018, at 14:58, @lbutlr wrote:
>
>> so I think there must be something else.
>
> You might need to so some other housekeeping:
>
> https://zonemaster.net/domain_check
> http://dnsviz.net/d/covisp.net/dnssec/
Oh, well, that is interesti
5 matches
Mail list logo
