"auto-dnssec maintain" stoped working again...
Hauke Lampe
lampe at hauke-lampe.de
Sat Oct 1 00:02:56 UTC 2011
On 01.10.2011 00:09, Michelle Konzack wrote:
> I run my three NS with DNSSEC and now I have encountered, that it has
> stoped maintaining the Zone since september and has not changed to
> october.
Do you mean expired signatures or no signatures at all?
In the latter case, have you checked that the zone's keys are readable
by named and still active?
Try dnssec-settime -p all /path/to/keys/Kexample.com.+005+12345.key and
look for "Activate:" and "Inactive:"
There have been a few bugfixes to automatic signing between 9.7.3 and
9.8. Maybe you hit one of those bugs.
Hauke.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20111001/30ecd114/attachment.bin>
More information about the bind-users
mailing list