Re: [BIND] RE: KSK Rollover

This matter has been resolved with input from Evan. I was able to add a file path for secroots to the named.conf file and push the output file to a temp directory that was not permission restricted. secroots-file "/tmp/named.secroots" ; Ultimately when I ran "rndc secroots" it created the

RE: [BIND] RE: KSK Rollover

named named 0 Sep 6 13:52 named.secroots -Original Message- From: Hugo Salgado-Hernández [mailto:hsalg...@nic.cl] Sent: Thursday, September 06, 2018 3:39 PM To: Brent Swingle Cc: Evan Hunt ; bind-users@lists.isc.org Subject: Re: [BIND] RE: KSK Rollover Hi Brent. In out CentOS box, the

RE: KSK Rollover

:e...@isc.org] Sent: Thursday, September 06, 2018 1:22 PM To: Brent Swingle Cc: bind-users@lists.isc.org Subject: Re: KSK Rollover On Thu, Sep 06, 2018 at 05:34:21PM +, Brent Swingle wrote: > This is the command that does not work and the output received: > [root@ns2 ~]# rndc secroots

KSK Rollover

I recently received an email indicating that our DNS servers are not properly equipped for the planned KSK Rollover that is coming. It leads off with this line "On 11 October 2018, ICANN will change or "roll over" the DNSSEC key signing key (KSK) of the DNS root zone." Reading through the