do not stupidly delete ZSK files
Evan Hunt
each at isc.org
Thu Jul 30 17:37:57 UTC 2015
On Thu, Jul 30, 2015 at 10:30:33AM -0700, David Newman wrote:
> After that second procedure (and also chown'ing the keyfiles to the bind
> user), the command 'dig +dnssec +multi dnskey example.com' gives
> different results depending on which nameserver gets the query:
>
> Hidden primary (not authoritative for this zone): Key still in zone
... sorry, I'm confused. Which of the servers is doing the signing?
eh
More information about the bind-users
mailing list