On 08 Sep 2018, at 09:59, Niall O'Reilly wrote:
> On 8 Sep 2018, at 14:58, @lbutlr wrote:
>
>> so I think there must be something else.
>
> You might need to so some other housekeeping:
>
> https://zonemaster.net/domain_check
> http://dnsviz.net/d/covisp.net/dnssec/
Oh, well, that is
Some clarification
Have you DNSSEC Signed your Domain - that is "covisp.net" because I
don't see any DS records for it in the "net" zone.
dig @a.gtld-servers.net. covisp.net ds
flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
returns the SOA for NET - so I know I got to the
On 09/08/2018 07:58 AM, @lbutlr wrote:
what do I need to do for other DNS servers?
I don't think you need to do anything special.
The zone signatures come form and are managed by the master name server.
The secondary name server(s) is (are) just additional servers with
copies of the zone.
On 8 Sep 2018, at 14:58, @lbutlr wrote:
> so I think there must be something else.
You might need to so some other housekeeping:
https://zonemaster.net/domain_check
http://dnsviz.net/d/covisp.net/dnssec/
/Niall
signature.asc
Description: OpenPGP digital signature
So, I setup up DNSSEC on my authoritative bind 9.12 server, which was very
straightforward and works fine:
dig covisp.net +dnssec +short @8.8.8.8
65.121.55.42
A 7 2 86400 20181008122535 20180908122535 17363 covisp.net.
pkpVdFONJ2dYN+7wQ4pVcQTlWIThY3+mbNdXsE8p5uWiLNvIefVT32JE
5 matches
Mail list logo
