Dnssec zone signing problem
itservices88 at gmail.com
Thu May 20 22:30:03 UTC 2010
No local script. I am using snssec-signzone that cam with the installation:
# dnssec-signzone --help
On Thu, May 20, 2010 at 12:26 PM, Stephane Bortzmeyer <bortzmeyer at nic.fr>wrote:
> On Thu, May 20, 2010 at 12:10:53PM -0700,
> itservices88 <itservices88 at gmail.com> wrote
> a message of 92 lines which said:
> > # dnssec-signzone -N INCREMENT mydomain.org
> > Verifying the zone using the following algorithms: RSASHA1.
> > Missing RSASHA1 signature for . NSEC
> > The zone is not fully signed for the following algorithms: RSASHA1.
> > dnssec-signzone: fatal: DNSSEC completeness test failed.
> I do not find these error messages in BIND source code. Are you sure
> you use the pristine dnssec-signzone and not, say, a local custom
> (dnssec-signzone is supposed to sign the zone, not to check that it is
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users