[Opendnssec-user] Zone not properly signed
Volker Janzen
voja at voja.de
Tue Jul 19 12:36:23 UTC 2016
Hi,
my monitoring found one zone in OpenDNSSEC that was not properly signed.
It's the domain I'm sending from: voja.de.
I found that one of my slaves had a wrong serial for the zone, I forced
him to fetch the current zone, but that does not solve my issue.
I backed up the signed zone file that was broken. dnsviz has the error
in it's history. This entry is the last that was working:
http://dnsviz.net/d/voja.de/V40wvQ/dnssec/
As of it's an important domain I forced the domain to go insecure at the
registry level, because I already found validating resolvers that are no
longer able to resolve the zone.
What steps can I do to find out what might have gone wrong?
I'm running OpenDNSSEC 1.4.6 on Debian Jessie.
Regards,
Volker
More information about the Opendnssec-user
mailing list