[Opendnssec-user] TLSA
Mathieu Arnold
mat at mat.cc
Tue Dec 4 16:05:11 UTC 2012
Hi,
Ok, upgraded ldns, all is good now.
I get some strange behavior, (v1.3.10), though...
Say, I do :
$ ods-signer sign absolight.net
and in the logs, I get :
Dec 4 17:02:50 ns1 ods-signerd: [scheduler] unable to unschedule task
[read] for zone absolight.net: not scheduled
and :
$ ods-signer queue | grep absolight.net
On Tue Dec 4 23:58:09 2012 I will [read] zone absolight.net
but it does not reschedule it for right now...
+--On 4 décembre 2012 14:25:27 +0100 Matthijs Mekking
<matthijs at nlnetlabs.nl> wrote:
| Hi Mathieu,
|
| OpenDNSSEC depends on LDNS for supported RRtypes. You should link against
| ldns 1.6.16 if you want to do TLSA.
|
| Best regards,
| Matthijs
|
| On 12/04/2012 01:44 PM, Mathieu Arnold wrote:
|> Hello,
|>
|> While having lunch, I discovered TLSA records, and I wanted to give it a
|> spin, but...
|>
|> Dec 4 13:40:53 ns1 ods-signerd: [adapter] error parsing RR at line 17
|> (Syntax error, could not parse the RR's rdata): _443._tcp.mat.cc.
|> 86400 IN TLSA 3 0 1
|> D6731A11F7F79A6E38757E0F48589A6887735E33BE2A2E6D033BE16A E969EDFE
|>
|> Wondering if TLSA is not supported, or if the one I have is malformed...
|> :-)
|>
|
|
--
Mathieu Arnold
More information about the Opendnssec-user
mailing list