Only one DS key comes back in query
Jan-Piet Mens
list at mens.de
Mon May 16 16:49:12 UTC 2022
>The values in the file dsset-example.com generated by signing the zone are not good.
If they are 'not good' then it's possible you are using an outdated dsset
file. (And you are hiding domain names; I doubt example.com has been delegated
to you.)
dnssec-signzone creates dsset- files when signing a zone
manually/semi-automatically. If you are signing with, say, autodnssec-maintain,
then no dsset- file is created and you use dnssec-dsfromkey to determine the DS
which you then submit to your parent zone.
-JP
More information about the bind-users
mailing list