[Pdns-users] dnssec problem
Steffan Noord
steffannoord at gmail.com
Wed Feb 22 11:39:18 UTC 2017
Hello List,
Im getting a email from SIDN (dutch nl registry) with a validation error
validation failure <_sidn._dnssec-valcheck._2080627548.cicgroup.nl. A IN>: No DNSKEY record for key cicgroup.nl. while building chain of trust
When im looking at the registry I see:
Keytag 37540
Vlag 257 (KSK)
Algoritme RSA/SHA-256 (8)
Publieke sleutel AwEAAajn4T1mAUlfYO+mM68uR0wvUuvkIw+D7T6xDDZrfLJ..
In my DNS
pdnssec show-zone cicgroup.nl | grep ID
ID = 1396 (KSK), tag = 22639, algo = 8, bits = 2048 Active: 1 ( RSASHA256 )
ID = 1398 (KSK), tag = 49816, algo = 8, bits = 2048 Active: 1 ( RSASHA256 )
ID = 1401 (KSK), tag = 37540, algo = 8, bits = 2048 Active: 1 ( RSASHA256 )
ID = 1397 (ZSK), tag = 4929, algo = 8, bits = 1024 Active: 1 ( RSASHA256 )
Any idees what is wrong?
It has worked for a very long time without a error.
Just a sitenote I see that there are multiple keys enabled.
Some other domains has only one.
Is that correct?
Met vriendelijke groet,
Steffan Noord
Met vriendelijke groet,
Steffan Noord
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20170222/517eeaf5/attachment.html>
More information about the Pdns-users
mailing list