AW: How to prepublish additional DNSKEY
Klaus Darilion
klaus.darilion at nic.at
Thu Jul 9 09:51:03 UTC 2020
> > So, how is the correct process to add an additional DNSKEY (only the public
> key is known).
>
> I think you are looking for `dnssec-importkey`.
Indeed. I imported the key and got a .key and .private file. I put those files in the same directory as the other keys, gave read permissions to bind and executed:
rndc loadkeys myzone
rndc sign myzone
But the additional key is not added to the reponse of DNSKEY queries.
I am using Bind - 9.12.2-P2. Is this supported by Bind 9.12? (upgrade/downgrade is currently not possible)
Thanks
Klaus
More information about the bind-users
mailing list