Using inline-signing, need to allow dynamic updates.
Mark Andrews
marka at isc.org
Mon Feb 27 21:25:18 UTC 2017
In message <201702271707.v1RH70Pv007779 at dolphin.adi.com>, Thomas Schulz writes:
> Right now we have our external view for adi.com set up to use
> inline-signing with the following entries in our named.conf file;
>
> inline-signing yes;
> key-directory "dnssec";
> auto-dnssec maintain;
>
> I now need to allow dynamic updates to support letsencrypt which needs
> to add txt records when the certificate is renewed. Can I just add
>
> allow-update { key keyname-here; };
>
> Or do I need to change the above configuration in some way?
That or a update-policy clause should be all that is required.
> Tom Schulz
> Applied Dynamics Intl.
> schulz at adi.com
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list