Adding a new domain with DNSSEC
@lbutlr
kremels at kreme.com
Sun Apr 10 08:40:38 UTC 2022
I have an several domains setup in bind, all with DNSSEC implemented, and am trying to add a new domain, and seem to have missed a step.
# dnssec-keygen -a 13 example,com
# dnssec-keygen -f KSK -a 13 example,com
Add $INLCUDE to the zone file for each of these 4 keys.
# dnssec-signzone -3 $(head -c 1000 /dev/random | shasum | cut -b 1-16) -o example.com -t example.com
dnssec-signzone: warning: keys/Kexample.com.+013+55923.private:1: unknown RR type 'v1.3'
dnssec-signzone: fatal: failed loading zone from 'example.com': unknown class/type
--
"Are you pondering what I'm pondering?"
"I think so, Brain! But ruby-studded stockingswould be mighty
uncomfortable wouldn't they?"
More information about the bind-users
mailing list