On 19/01/2017 21:08, Jakub Andrys wrote:
Hi Jakub,
Your question isn't really about Knot DNS. Nevertheless, see my answers
below.
> can someone please give me any explanation (or command) how my domain
> registrator got from this record what I give him:
> liberland.cz. 3600 DNSKEY 257 3 13 ei9T3egqng+nlAHeNfF6BzggGCyvS2lU5ih2BZuvkzFGxkBdUJ0blgSiW5iYIROvAEHQv5Ls3sNPA9JIt8iRjg==
> this record:
> liberland.cz. 17999 IN DS 21107 13 2 9405F3324FDCE3F0CC4E5D94CBFB5D8A4F211E3010D447B5FD73765F9EEC20EB
> ???
In order for your registrar to request secure delegation for your zone,
they have to update the .CZ zone with a DS record of your DNSKEY. They
generate this DS record from the DNSKEY you provided. If you want to
generate this DS record yourself, you can do that with the LDNS tools.
Save your entire DNSKEY record to a file, and then run:
ldns-key2ds -n <filename>
This will print out the DS record on standard output.
> I want to sign child zones but I can't find where I get the hash
> "9405F3324FDCE3F0CC4E5D94CBFB5D8A4F211E3010D447B5FD73765F9EEC20EB"
You don't need the DS record to sign your zone. You need the private
component of your DNSKEY. You should have this file somewhere on disk
when you generated the keypair.
Regards,
Anand Buddhdev
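
The derivation discussed in this message, as an added example that is not part of the original e-mail and not LDNS code: a DS record with digest type 2 is the key tag (RFC 4034 Appendix B), the algorithm number, and SHA-256 over the owner name in wire format followed by the DNSKEY RDATA (RFC 4509). The function names are chosen for this example; the two records are copied from the question so the computed value can be compared with the published one.

```python
import base64
import hashlib
import struct

# Records copied from the question quoted in the message above.
DNSKEY_RR = (
    "liberland.cz. 3600 DNSKEY 257 3 13 "
    "ei9T3egqng+nlAHeNfF6BzggGCyvS2lU5ih2BZuvkzFGxkBdUJ0blgSiW5iYIROvAEHQv5Ls3sNPA9JIt8iRjg=="
)
PUBLISHED_DS = "21107 13 2 9405F3324FDCE3F0CC4E5D94CBFB5D8A4F211E3010D447B5FD73765F9EEC20EB"

def name_to_wire(name):
    """Canonical wire form of a non-root owner name: lowercase, length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"  # root label terminates the name

def parse_dnskey(rr):
    """Return (owner, RDATA in wire format); TTL and class fields are optional."""
    fields = rr.split()
    i = fields.index("DNSKEY")
    flags, protocol, algorithm = (int(x) for x in fields[i + 1:i + 4])
    key = base64.b64decode("".join(fields[i + 4:]), validate=True)
    return fields[0], struct.pack("!HBB", flags, protocol, algorithm) + key

def key_tag(rdata):
    """RFC 4034 Appendix B: 16-bit ones-complement-style sum over the RDATA."""
    acc = 0
    for i, byte in enumerate(rdata):
        acc += byte if i & 1 else byte << 8
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def dnskey_to_ds(rr):
    """DS RDATA text, digest type 2: SHA-256(owner wire name | DNSKEY RDATA)."""
    owner, rdata = parse_dnskey(rr)
    digest = hashlib.sha256(name_to_wire(owner) + rdata).hexdigest().upper()
    return "%d %d 2 %s" % (key_tag(rdata), rdata[3], digest)

if __name__ == "__main__":
    computed = dnskey_to_ds(DNSKEY_RR)
    print("computed :", computed)
    print("published:", PUBLISHED_DS)
    print("match    :", computed == PUBLISHED_DS)
```

Only the public DNSKEY goes into this computation, so anyone can reproduce and check the DS a parent zone publishes; the private key never leaves the signer.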