[Opendnssec-user] Our unsigned zones change every 5 minutes - will they automatically be signed?

Patrik Wallström patrik.wallstrom at iis.se
Thu Aug 29 13:03:04 UTC 2013

On Aug 29, 2013, at 2:41 PM, Harald A. Irmer <Harald.Irmer at KIT.edu> wrote:

> Hi Ondřej,
> thanks a lot!
> On 29.08.2013 14:22, Ondřej Caletka wrote:
>> Hi Harald,
>> Dne 29.8.2013 13:56, Harald A. Irmer napsal(a):
>>> Our unsigned zones change every 5 minutes - maybe I can defer changes up
>>> to every 15 minutes - are the signed zones then produced accordingly
>>> _automatically_?
>> After update of an unsigned zone, call 'ods-signer sign <zone>'
>> everything else is automatic.
> I would be very pleased If I had not to sit there watching when a 
> unsigned zone is updated because some admin has made a change maybe at 
> 7am in the morning or 22pm or on sundays. And then me enter 'ods-signer 
> sign <zone>' Haha! Is there any hope that unsigned zone changes will be 
> recognized maybe via BIND notify messages and signing be done 
> automatically? VERY important for me.

You can automate this with either a Makefile or by using a hook in you version control system (that you should probably use anyway).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20130829/cf021ed0/attachment.bin>

More information about the Opendnssec-user mailing list