[Opendnssec-user] Zone not properly signed

Volker Janzen voja at voja.de
Tue Jul 19 12:36:23 UTC 2016


my monitoring found one zone in OpenDNSSEC that was not properly signed. 
It's the domain I'm sending from: voja.de.

I found that one of my slaves had a wrong serial for the zone, I forced 
him to fetch the current zone, but that does not solve my issue.

I backed up the signed zone file that was broken. dnsviz has the error 
in it's history. This entry is the last that was working: 

As of it's an important domain I forced the domain to go insecure at the 
registry level, because I already found validating resolvers that are no 
longer able to resolve the zone.

What steps can I do to find out what might have gone wrong?

I'm running OpenDNSSEC 1.4.6 on Debian Jessie.


More information about the Opendnssec-user mailing list