How to validate DNSSEC signed record with dig?
William Thierry SAMEN
thierry.samen at gmail.com
Wed Feb 8 12:52:58 UTC 2012
Absolutely Tony that was a key file which has been generated by
My zone file is so simple and its look like that i have checked it before
with the named-checkzone and all is good in my file zone.
I changed option -o <absolute way of my domain> by the option -o <my
domain> only and now i had this error:
dnssec-signzone: error: dns_master_load: ../etc/toto.com:12: toto.com: not
at top of zone
dnssec-signzone: fatal: failed loading zone from '../etc/toto.com': not at
top of zone
at the line 12 of my file zone i haven't seen any mistake.
here is my zone file:
$TTL 17200 ; 4 hours 46 minutes 40 seconds
toto.com. IN SOA ns10.boom.fr. postmaster.boom.com. (
2012020802 ; serial
216000 ; refresh (2 days 12 hours)
3600 ; retry (1 hour)
3600000 ; expire (5 weeks 6 days 16
172800 ; minimum (2 days)
* A 126.96.36.199
;DNSsec keys starts here
2012/2/8 Tony Finch <dot at dotat.at>
> William Thierry SAMEN <thierry.samen at gmail.com> wrote:
> > My file zone:
> Er this looks like a key file, not a zone file. The key has been generated
> incorrectly: it has a file name where the zone name should be.
> > ; This is a zone-signing key, keyid 12762, for *../etc/toto.com.*
> > ; Created: 20120207101131 (Tue Feb 7 11:11:31 2012)
> > ; Publish: 20120207101131 (Tue Feb 7 11:11:31 2012)
> > ; Activate: 20120207101131 (Tue Feb 7 11:11:31 2012)
> > *../etc/toto.com*. IN DNSKEY 256 3 5
> f.anthony.n.finch <dot at dotat.at> http://dotat.at/
> Viking, North Utsire: Southerly 5 to 7, occasionally gale 8 in Viking.
> becoming very rough in Viking. Rain later. Good, becoming moderate later.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users