Hi,
It seems to work! Thank you!
To summarize:
On the master side I have the following configuration:
dnssec-policy "test" {
keys {
ksk lifetime P3D algorithm rsasha256 2048;
zsk lifetime P2D algorithm rsasha256 1024;
};
};
zone "**" {
type master
>
>
> the keys are generated on the master but not on the slaves.
> so I don't understand how the slaves can read their zone file which ends in
> ".signed" because they don't have the keys ? (but it's work with dig, i see
> DS with the right ZSK)
>
> Regards
>
> Adrien
>
Because the zone is
2 matches
Mail list logo
