[Opendnssec-user] Automatic resign

Patrik Wallström patrik.wallstrom at iis.se
Thu Feb 11 08:53:54 UTC 2010

On Feb 11, 2010, at 9:45 AM, Antti Ristimäki wrote:

>> If you set the <Serial> option to "keep" in the <SOA> block in kasp.xml, you might get what you want. What happens then is that you only resign when the SOA serial has increased, and you can trigger that with "ods-signer sign zonename". Will that work for you?
> Yes, actually we are currently doing it this way and it seems to work. I
> was just curious to know whether it could be possible to disable the
> automatic resign altogether so that the signer wouldn't even try to sign
> the zone automatically.

In that case you could set the <Resign> interval in <Signatures> in kasp.xml to a very high value.

Patrik Wallström
Project Manager, R&D
.SE (Stiftelsen för Internetinfrastruktur)
E-mail: patrik.wallstrom at iis.se
Web: http://www.iis.se/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20100211/37ba06f4/attachment.bin>

More information about the Opendnssec-user mailing list