[Opendnssec-user] enforcer hooks
Jakob Schlyter
jakob at kirei.se
Tue May 20 11:56:17 UTC 2014
On 20 maj 2014, at 12:39, Petr Spacek <pspacek at redhat.com> wrote:
> Now I have looked into /var/opendnssec/signconf/example.xml and it seems that I will be able to generate K*.private key except timestamps:
>
> Created: 20140429162528
> Publish: 20140429162528
> Activate: 20140429162528
> ...
You do not need those, just can just set them all to "now" in BIND (activate only if the key is used for signing). https://github.com/opendnssec/ods4bind/blob/master/ods4bind.pl should be useful as a guideline, it does just what you are aiming for I believe.
jakob
More information about the Opendnssec-user
mailing list