[Opendnssec-develop] Re: [OpenDNSSEC] #69: OpenDNSSEC + DLV (isc.org)
OpenDNSSEC
owner-dnssec-trac at kirei.se
Tue Jan 5 20:46:46 UTC 2010
#69: OpenDNSSEC + DLV (isc.org)
------------------------------------+---------------------------------------
Reporter: archi.laurent@… | Owner: rb
Type: defect | Status: new
Priority: trivial | Component: Unknown
Version: trunk | Keywords: OpenDNSSEC + DLV (isc.org)
------------------------------------+---------------------------------------
Comment(by rb):
Why have you copied the DNSKEY+RRSIG and NSEC3+RRSIG back to your original
zone file? If you are doing this then you have forgotten to copy the other
RRSIGs which belong to the other RRs.
This is how it should look like:
Unsigned zone file -> OpenDNSSEC -> Signed zone file (a new file created
by OpenDNSSEC) -> BIND (or whatever nameserver you are using)
No need to copy anything. OpenDNSSEC will create the signed zone file
which you load into BIND (this is done automatically if you have
<NotifyCommand> in conf.xml).
--
Ticket URL: <http://trac.opendnssec.org/ticket/69#comment:4>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list