DELV 9.12.3-P1 - Issue Loading Trusted Keys

Evan Hunt each at isc.org
Thu Mar 14 04:34:55 UTC 2019


On Wed, Mar 13, 2019 at 06:52:38PM +0000, LeBlanc, Daniel James wrote:
> sudo /var/named/bin/delv @<DNS IP> -a /var/named/keys/trythese.keys -b127.0.0.1 ansible.test.dnsview.newdomain.bell.ca +rtrace +multiline +mtrace +vtrace
> 
> ...and getting this result:
> 
> /var/named/bin/delv: No trusted keys were loaded

The delv man page explains this:

|  -a anchor-file
|      Specifies a file from which to read DNSSEC trust anchors. The
|      default is /etc/bind.keys, which is included with BIND 9 and
|      contains one or more trust anchors for the root zone (".").
|
|      Keys that do not match the root zone name are ignored. An alternate
|      key name can be specified using the +root=NAME options.

So if you add +root=newdomain.bell.ca it should load the key.

-- 
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.


More information about the bind-users mailing list