Native pkcs#11 and auto-dnssec feature
catalinl at rotld.ro
Wed Apr 8 16:21:45 UTC 2015
It helps only for dnssec-keyfromlabel tool that accepts "-l" parameter,
but for dnssec-signzone i didn't find any reference. And the main problem
is automatically internal signing with "auto-dnssec".
On 08/04/15 18:21, Jeremy C. Reed wrote:
>> My question is about auto-dnssec feature that maintain zone by
>> internally signing RRs. How this feature will work without a PIN since
>> BIND needs access to private key when it needs to resign automatically
>> and i did't find a way to provide the PIN throught configuration files
> Does the reference manual section about proving the PIN help?
More information about the bind-users