Refresh of the .signed DNSSEC file?
Tony Finch
dot at dotat.at
Mon Feb 4 09:42:57 UTC 2019
@lbutlr <kremels at kreme.com> wrote:
> Based having update-policy local; auto-dnssec maintain; in the zone,
> when I make changed to example.com I was expecting that
> example.com.signed will be refreshed.
>
> This doesn’t seem to be happening.
Are you doing `rndc freeze` and `rndc thaw` before and after editing the
unsigned zone file?
How are you checking the signed zone? By querying the name server or by
looking at the file directly? If the latter, are you using
named-compilezone with the -j flag to include the journal, or are you
using named-journalprint?
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Shetland Isles: Southwesterly 5 or 6 at first in east, otherwise northwesterly
3 or 4, increasing 5 or 6 later, then veering northeasterly 3 or 4 later in
east. Moderate or rough, but slight in sheltered east at first. Rain or
showers. Good, occasionally moderate.
More information about the bind-users
mailing list