DNSSEC: recover from missing keys
Klaus Darilion
klaus.mailinglists at pernau.at
Fri May 16 14:26:20 UTC 2014
Hi!
During rollover testing I quite often delete keys without properly
setting the timestamps in the keys - it is testing only.
This leads to such errors:
error reading private key file example.com/NSEC3RSASHA1/64337: file not found
To recover and restart my testing I:
- remove the zone from the config
- rndc reconfig
- delete the signed zone and journal files
- add the zone to the config
- rndc reconfig
This works but is cumbersome. Is there a method to instruct Bind to just
remove all references to the missing keys and start a fresh signing with
the existing keys?
Thanks
Klaus
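
An added example, not part of the original post and not BIND code: a pre-flight check that lists which DNSKEYs still published in a signed zone have no private key file, in the same zone/algorithm/tag form as the error above. It assumes the DNSKEY records are supplied one per line (as `dig +noall +answer` prints them) and that key files follow BIND's `K<zone>.+<alg>+<tag>.private` naming; the function names and the sample records are constructed for illustration.

```python
import base64, re, struct, tempfile
from pathlib import Path

# DNSSEC algorithm numbers and the mnemonics BIND uses in its log messages
ALGORITHMS = {5: "RSASHA1", 7: "NSEC3RSASHA1", 8: "RSASHA256", 10: "RSASHA512",
              13: "ECDSAP256SHA256", 14: "ECDSAP384SHA384"}
# One record per line: <owner> [ttl] [IN] DNSKEY <flags> <protocol> <alg> <base64>
DNSKEY_RE = re.compile(
    r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?DNSKEY\s+(\d+)\s+(\d+)\s+(\d+)\s+(.+)$")

def key_tag(flags, protocol, algorithm, public_key):
    """Key tag per RFC 4034 Appendix B (not valid for algorithm 1, RSA/MD5)."""
    rdata = struct.pack("!HBB", flags, protocol, algorithm) + public_key
    acc = sum(b << 8 if i % 2 == 0 else b for i, b in enumerate(rdata))
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def missing_private_keys(dnskey_lines, key_dir):
    """Return 'zone/ALG/tag' for every DNSKEY whose .private file is absent."""
    missing = []
    for line in dnskey_lines:
        m = DNSKEY_RE.match(line.split(";")[0].strip())  # drop trailing comments
        if not m:
            continue
        owner, flags, proto, alg, b64 = m.groups()
        public_key = base64.b64decode("".join(b64.split()))
        tag = key_tag(int(flags), int(proto), int(alg), public_key)
        zone = owner.rstrip(".").lower()
        private = Path(key_dir) / f"K{zone}.+{int(alg):03d}+{tag:05d}.private"
        if not private.is_file():
            missing.append(f"{zone}/{ALGORITHMS.get(int(alg), alg)}/{tag}")
    return missing

def demo():
    """Constructed sample: two truncated, non-functional DNSKEYs, one private file."""
    records = [
        "example.com. 3600 IN DNSKEY 256 3 7 AwEAAQ==",  # key tag 1801
        "example.com. 3600 IN DNSKEY 257 3 7 AwEAAQ==",  # key tag 1802
    ]
    with tempfile.TemporaryDirectory() as key_dir:
        # Only the first key still has its private half on disk.
        (Path(key_dir) / "Kexample.com.+007+01801.private").touch()
        return missing_private_keys(records, key_dir)

if __name__ == "__main__":
    print(demo())
```

Multi-line (parenthesized) DNSKEY records are not handled; flatten them to one line before passing them in.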