DNSSEC / BIND breakage
wolfgang.rosenauer at an-netz.de
Thu Oct 1 14:35:08 CEST 2015
one of my DNSSEC/DANE secured domains started breaking as of today and I
do not fully understand why.
Probably bright people here can point me to the correct resolution?
I'm using bind and its
Also I'm not aware that my KSK and ZSK keys have any expiration date but
today DNSSEC started to fail apparently because my RRSIG signatures are
said to be expired.
Actually my first idea is that the automatic maintenance in bind failed
for some reason. So I deleted the journal and signed zone files and
started over by signing the zone from scratch. This at least improved
the situation a little bit according to
But still it seems to be broken and I'm lost currently to understand
what is wrong.
Thanks for any pointers,
More information about the dane-users