named is not finding the keys for DNSSEC
Andreas Meyer
a.meyer at nimmini.de
Thu Aug 4 11:13:30 UTC 2016
Hi!
> Tony Finch <dot at dotat.at> schrieb am 04.08.16 um 09:21:36 Uhr:
> > The error suggests to me that you have a key-directory mismatch, but you
> > seem to have that under control.
That was the right hint! I had no key-directory "/var/lib/named/keys";
specified in named.conf.
There also is no key-directory specified in the original named.conf,
just a managed-keys-directory "/var/lib/named/dyn/";
The errors are gone since I specifed a key-directory too.
dnssec-validation yes;
key-directory "/var/lib/named/keys";
managed-keys-directory "/var/lib/named/dyn";
dnssec-lookaside auto;
Also the "the working directory is not writable" error is gone
therefore. chroot is working!
Now I'll look at inline-signing yes;
Thank you for your patience!
Andreas
More information about the bind-users
mailing list