[Opendnssec-user] ods-ksmutil zone delete doesn't clean after itself

Rick van Rein rick at openfortress.nl
Mon Oct 11 11:14:51 CEST 2010


Another remark:

> The signer gets confused if there still exists a signed zonefile in the
> output directory. It will continue resigning the previous known zone
> with the previous known signer configuration.

Keep in mind that the signer may be ahead of the origin name server w.r.t.
SOA counts.  We found that we had to fetch the last SOA used and setup the
origin name server based on that.  That is, if you want your authoritatives
to pickup an unsigned zone after removing it from OpenDNSSEC.


Best,
 -Rick



More information about the Opendnssec-user mailing list