[Opendnssec-user] enforcer hooks

Jakob Schlyter jakob at kirei.se
Tue May 20 11:56:17 UTC 2014

On 20 maj 2014, at 12:39, Petr Spacek <pspacek at redhat.com> wrote:

> Now I have looked into /var/opendnssec/signconf/example.xml and it seems that I will be able to generate K*.private key except timestamps:
> Created: 20140429162528
> Publish: 20140429162528
> Activate: 20140429162528
> ...

You do not need those, just can just set them all to "now" in BIND (activate only if the key is used for signing). https://github.com/opendnssec/ods4bind/blob/master/ods4bind.pl should be useful as a guideline, it does just what you are aiming for I believe.


More information about the Opendnssec-user mailing list