Is it possible to do In-line Signing for local root zone
Mundile
jmwaiponya at gmail.com
Sat Apr 11 18:08:58 UTC 2020
I have local (private) root domain domainX.example and subdomains : subdomainY.domainX.example and subdomainZ.domainX.example. I can do chain of trust if all zones are In-line signed
zone "domainX.example" {
type master;
file "named.domainX.example";
key-directory "/var/named/keys/zones";
auto-dnssec maintain;
inline-signing yes;
};
zone "subdomainY.domainX.example" {
type master;
file "named.subdomainY.domainX.example";
key-directory "/var/named/keys/zones";
auto-dnssec maintain;
inline-signing yes;
};
zone "subdomainZ.domainX.example" {
type master;
file "named.subdomainZ.domainX.example";
key-directory "/var/named/keys/zones";
auto-dnssec maintain;
inline-signing yes;
};
Or domainX.example MUST be manually assigned.
Sent from Mail for Windows 10
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200411/eb2d0468/attachment.htm>
More information about the bind-users
mailing list