ls -1 keys/dnssec/example.com/
(empty)
ls -1 namedb/primary/example.com*
namedb/primary/example.com.zone <====== ORIGINAL, unsigned zone file
cat etc/named.conf
...
zone "example.com" IN {
type master; file "namedb/primary/example.com.zone";
dnssec-policy "test";
key-directory "keys/dnssec/example.com";
update-policy {
grant local-ddns zonesub any;
grant test-key zonesub txt;
};
};
...
rndc reload
ls -al keys/dnssec/example.com/
keys/dnssec/example.com/Kexample.com.+013+22094.key
keys/dnssec/example.com/Kexample.com.+013+22094.private
keys/dnssec/example.com/Kexample.com.+013+22094.state
keys/dnssec/example.com/Kexample.com.+013+51905.key
keys/dnssec/example.com/Kexample.com.+013+51905.private
keys/dnssec/example.com/Kexample.com.+013+51905.state
ls -1 namedb/primary/example.com*
namedb/primary/example.com.zone <====== OVERWRITTEN, *signed* zone
file
namedb/primary/example.com.zone.jnl
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
