This matter has been resolved with input from Evan. I was able to add a file
path for secroots to the named.conf file and push the output file to a temp
directory that was not permission restricted.
secroots-file "/tmp/named.secroots" ;
Ultimately when I ran "rndc secroots" it created the
named named 0 Sep 6 13:52 named.secroots
-Original Message-
From: Hugo Salgado-Hernández [mailto:hsalg...@nic.cl]
Sent: Thursday, September 06, 2018 3:39 PM
To: Brent Swingle
Cc: Evan Hunt ; bind-users@lists.isc.org
Subject: Re: [BIND] RE: KSK Rollover
Hi Brent.
In out CentOS box, the
:e...@isc.org]
Sent: Thursday, September 06, 2018 1:22 PM
To: Brent Swingle
Cc: bind-users@lists.isc.org
Subject: Re: KSK Rollover
On Thu, Sep 06, 2018 at 05:34:21PM +, Brent Swingle wrote:
> This is the command that does not work and the output received:
> [root@ns2 ~]# rndc secroots
I recently received an email indicating that our DNS servers are not properly
equipped for the planned KSK Rollover that is coming. It leads off with this
line "On 11 October 2018, ICANN will change or "roll over" the DNSSEC key
signing key (KSK) of the DNS root zone."
Reading through the
4 matches
Mail list logo