Update DNSSEC Zone
softwareinfojam at gmail.com
Thu May 13 14:41:27 UTC 2021
Wow. Thanks so much for all the responses. Really appreciate it. They made me truly realize that a lot on the info on the net may be either incomplete or just old. I understand a bit better now.
I added the line inline-signing yes; as was suggested and reloaded bind. I am now seeing the .signed, .jbk and .jnl files. The zone also replicates to the slaves and I am seeing the NSEC, RRSIG and DNSKEY entries in the zone files on the slaves. I also checked with the yogaDNS client and it had no problems identifying the DNSSEC server. So I would imagine at this point it is working. I believe as was said too I need now to register the DS with the registrar? Hopefully that should be it if I am not missing anything?
Thanks so much again for the very informative replies.
More information about the bind-users