Hello Daniel, On Thu, 30 Nov 2017 16:23:53 +0100 Daniel Eriksson <[email protected]> wrote:
> On a zone I get the following result from pdnsutil show-zone > [...] > Now I'm sending the following command to the IIS Epp server choosing the > SHA256 digest : > [ ... ] > But this has no effect, the domain is still unsigned, am I sending up the > wrong public key? This might be because you sent domain.se via EPP where egenblog.se is the actual domain name. If this is because you attempt to obfuscate data, do not do this and see our support policy[1]. It looks like your zone is properly signed but that there is indeed no secure delegation yet[2] Assuming you used the right domain name in the EPP message. It can be that .se wants the DNSKEY and not the DS record. It might be that the registry refreshed its zones only e.g. every hour and your update has not passed yet. It might also be that the registry does some checks first and this is why it is delayed. Another reason is that the EPP message is wrong and the EPP response did not indicate this or was not read? Hope this helps in further debugging. Best regards, Pieter 1 - https://blog.powerdns.com/2016/01/18/open-source-support-out-in-the-open/ 2 - http://dnsviz.net/d/egenblog.se/WiAqKw/dnssec/ -- Pieter Lexis PowerDNS.COM BV -- https://www.powerdns.com _______________________________________________ Pdns-users mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/pdns-users
