named is not finding the keys for DNSSEC

Andreas Meyer a.meyer at
Thu Aug 4 11:13:30 UTC 2016


> Tony Finch <dot at> schrieb am 04.08.16 um 09:21:36 Uhr:

> > The error suggests to me that you have a key-directory mismatch, but you
> > seem to have that under control.

That was the right hint! I had no key-directory "/var/lib/named/keys";
specified in named.conf.

There also is no key-directory specified in the original named.conf,
just a managed-keys-directory "/var/lib/named/dyn/";

The errors are gone since I specifed a key-directory too.

dnssec-validation yes;
key-directory "/var/lib/named/keys";
managed-keys-directory "/var/lib/named/dyn";
dnssec-lookaside auto;

Also the "the working directory is not writable" error is gone
therefore. chroot is working!

Now I'll look at inline-signing yes;

Thank you for your patience!


More information about the bind-users mailing list