dnssec-key 'unknown algorithm RSASHA512'
Anand Buddhdev
anandb at ripe.net
Thu Jan 11 12:12:10 UTC 2024
On 11/01/2024 12:58, trgapp16 via bind-users wrote:
Hi Mounika,
[snip]
> -->With help of the private key i generated one file with name "named.conf.tsigkeys" at
> /etc/bind -
>
> root at dhcpt:/etc/bind# cat named.conf.tsigkeys
>
> key "my-tsig" {
> algorithm "ECDSAP256SHA256";
> secret "ESkrVALONh7Rj4UZVsOy54Y2SIJiY5HYhoQdxJLuWPk=";
> };
>
> --> below is the error received when i restart named service
>
> root at dhcpt:/etc/bind# named-checkconf
> /etc/bind/named.conf.tsigkeys:2: unknown algorithm 'ECDSAP256SHA256'
ECDSAP256SHA256 is not a valid algorithm for TSIG keys. You're better
off generating TSIG keys with the "tsig-keygen" command that ships with
BIND. Check out its man page for more details on the algorithms you can use.
Regards,
Anand
More information about the bind-users
mailing list