<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>And you were right...</p>
<p>Since the zone was not being signed, I enabled the logs for
dnssec, and found this error message:<br>
<br>
<font face="monospace">dnssec: zone unau.edu.ar/IN (signed):
zone_rekey:dns_dnssec_keymgr failed: error occurred writing key
to disk<br>
dnssec: zone unau.edu.ar/IN (signed): zone_rekey failure: error
occurred writing key to disk (retry in 600 seconds)</font><br>
<br>
So, to bypass it had to change permissions of my
/var/cache/bind/keys directory to rwxrwxr-- (774) and all the
files therein to rw-rw-r-- (664).<br>
</p>
<p><br>
</p>
<p>One step closer, thanks to all :-). Best regards<br>
</p>
<p><br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">El 29/6/23 a las 03:16, Matthijs
Mekking escribió:<br>
</div>
<blockquote type="cite"
cite="mid:60211914-adc8-41f8-3866-ed44236c254a@isc.org">I suspect
permissions on the key-directory are not yet correct:
<br>
<br>
key-directory "/var/cache/bind/keys";
<br>
<br>
On 6/28/23 22:35, Daniel Armando Rodriguez via bind-users wrote:
<br>
<blockquote type="cite">However, as soon as I added this
<br>
<br>
dnssec-policy "default";
<br>
inline-signing yes;
<br>
<br>
Error came up again :-(
<br>
</blockquote>
</blockquote>
<div class="moz-signature">-- <br>
<div dir="ltr">________________________________________________<br>
<table>
<tbody>
<tr>
<td><img
src="https://correo.unau.edu.ar/skins/elastic/images/logo.svg"
width="73" height="96"></td>
<td><strong>Daniel A. Rodriguez</strong><br>
<em>Informática, Conectividad y Sistemas</em><br>
Universidad Nacional del Alto Uruguay<br>
San Vicente - Misiones - Argentina<br>
<a href="https://informatica.unau.edu.ar" rel="noopener">informatica.unau.edu.ar</a></td>
</tr>
</tbody>
</table>
</div>
</div>
</body>
</html>