do not stupidly delete ZSK files

Evan Hunt each at isc.org
Thu Jul 30 01:24:23 UTC 2015


On Wed, Jul 29, 2015 at 05:56:20PM -0700, David Newman wrote:
> 29-Jul-2015 17:18:19.439 general: warning:
> dns_dnssec_keylistfromrdataset: error reading private key file
> example.com/RSASHA256/36114: file not found

Delete that key from the DNSKEY rrset in the zone and reload.

If it's a dynamic zone, freeze it first, then edit the zone file,
delete the key, increase the serial number, and thaw it.

If it's not dynamic, same instructions, but without the freezing
and thawing.

-- 
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.


More information about the bind-users mailing list