Re: DNSSEC and NSEC missing ZSK?

> On 08 Feb 2021, at 07:24, Matthijs Mekking wrote: > > Hi, > > On 08-02-2021 12:20, @lbutlr wrote: >> I feel I am getting close. I got the digest generated for hover.com and >> updated the DNS on the test zone, but I am getting errors on verify that I >> don't understand. >> #v+ >> #

Re: DNSSEC and NSEC missing ZSK?

Hi, On 08-02-2021 12:20, @lbutlr wrote: I feel I am getting close. I got the digest generated for hover.com and updated the DNS on the test zone, but I am getting errors on verify that I don't understand. #v+ # dnssec-verify -I text -o example.com /etc/namedb/working/example.com.signed

DNSSEC and NSEC missing ZSK?

I feel I am getting close. I got the digest generated for hover.com and updated the DNS on the test zone, but I am getting errors on verify that I don't understand. #v+ # dnssec-verify -I text -o example.com /etc/namedb/working/example.com.signed Loading zone 'example.com' from file

Re: DNSKEY failure

Hi, On 05-02-2021 10:23, @lbutlr wrote: So, with my test domain that is using dsnssec-policy default dnsviz reports "DNSKEY: No response was received from the server over UDP" But: dig +norec +dnssec +bufsize=512 +ignore dnskey Shows a DNSKEY record. It would be useful to also provide the