[Opendnssec-user] opendnssec2 signing error: "unable to add rr to zone: soa record has invalid owner name" ?
pgnet.dev at gmail.com
Mon Dec 19 14:29:14 UTC 2016
On 12/19/2016 12:21 AM, Hoda Rohani wrote:
> ods 2.X now accepts these kind of format: '1W' and '3H'.
> Name of zone file must match the name of zone, that was your problem.
realized that since my zone files (a) are in a chroot and (b) contain INCLUDE stmts, that a compiled version was needed for opendnssec to process
mkdir -p /svr/named/namedb/compiled
-t "/svr/named" \
-f text -F text \
-o /namedb/compiled/example.info.compiled \
then matching the zone name with the zonefile name
/usr/local/opendnssec/sbin/ods-enforcer zone delete --all
/usr/local/opendnssec/sbin/ods-enforcer zone add -z example.info.zone -p lab
ls -al /var/opendnssec/signed/example.info
-rw-r--r-- 1 root root 11K Dec 19 06:14 /var/opendnssec/signed/example.info
Fwiw, in the OP, that the output of the enforcer command reported
Zone example.info added successfully
when it wasn't being created, and the logs clearly contained errors is misleading. It'd be useful to have the signing step report an error at console ...
More information about the Opendnssec-user