Inline signing fails dnsviz test.

Dan Egli dan at
Mon May 10 21:36:55 UTC 2021

Okay, so I added the policy, and things MOSTLY look okay. But when I 
retake the verification test, I get errors about no RRSIGs found. What 
do I do to resolve that issue?

On 5/10/2021 12:38 PM, Tony Finch wrote:
> Dan Egli <dan at> wrote:
>> Still not working for me. The dig doesn't report anything, and I don't HAVE a
>> keyfile since i'm using inline signing. Or does inline signing still require a
>> key to be generated?
> Yes, you need to do your own key management with inline-signing using
> dnssec-keygen. The new dnssec-policy feature can do automatic key
> management for you.
> Tony.

Dan Egli
 From my Test Server

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x11B7451DF2015959.asc
Type: application/pgp-keys
Size: 3792 bytes
Desc: OpenPGP public key
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the bind-users mailing list