[nsd-users] Updating my signed zonefiles

Matthijs Mekking matthijs at nlnetlabs.nl
Mon Jul 8 09:27:10 UTC 2013


Hi,

On 07/08/2013 04:32 AM, opendaddy at hushmail.com wrote:
> Hi,
> 
> Is there an easier way to update my signed zonefiles than having to do ldns-keygen -a RSASHA1_NSEC3 -b 1024 <domain> && ldns-keygen -a RSASHA1_NSEC3 -b 2048 -k <domain> && ldns-signzone <domain> <zone signing key> <key signing key> over and over?

Not in NSD, it does support in-line signing. So you need something else
to do the signing for you. You might be interested in OpenDNSSEC to the
the DNSSEC stuff for you:

    http://www.opendnssec.org/

Best regards,
  Matthijs



> 
> My setup is here: https://gist.github.com/kakekake89/5945810
> 
> Would appreciate general improvement advice as well. Just switched over from BIND, couldn't be happier.
> 
> O.D.
> 
> _______________________________________________
> nsd-users mailing list
> nsd-users at NLnetLabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/nsd-users
> 




More information about the nsd-users mailing list