[Pdns-users] Migrate from zsk/ksk/rsa to csk/ecdsa
Nicola Tiling
nti at w4w.net
Sun Jul 29 14:17:46 UTC 2018
Hi
I want to migrate my old original bind generated dnssec zsk/ksk keys to powerdns csk with new ecdsa algorithm.
I’ve created a new inactive key
pdnsutil add-zone-key example.com ksk inactive 256 ECDSAP256SHA25
and can see the inactive csk with "pdnsutil show-zone“ as expected.
But I'm unsure what is the next step. Should I publish the new DS Keys as described here
https://doc.powerdns.com/authoritative/guides/kskrollcdnskey.html
And/Or what else should be done?
Thankful for any hints
Nicola
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: Message signed with OpenPGP
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20180729/830f65ab/attachment.sig>
More information about the Pdns-users
mailing list