[Opendnssec-user] NSEC3 algorithm not supported in BIND 9.7.3?
Antonio Marcos López Alonso
amla at ipna.csic.es
Wed Oct 31 10:16:34 UTC 2012
Hi all,
I'm setting up a testing DNSSEC server using BIND 9.7.3 and OpenDNSSEC. I have
succesfully signed a zone using ods and RSASHA1 (algorithm 5) for NSEC3, but
BIND complains refusing to load the zone:
warning: zone myzone.mydomain.org/IN: unsupported nsec3 hash algorithm: 5
error: zone myzone.mydomain.org/IN: no supported nsec3 hash algorithm
error: zone myzone.mydomain.org/IN: not loaded due to errors.
Someone told me BIND 9.7.3 supports RSASHA1 for NSEC3, as he succesfully
signed and loaded the zone after using the dnstools, so I would like someone
to confirm this and to cast some light on why this error is being issued.
Thanks in advance,
Antonio
More information about the Opendnssec-user
mailing list