19 Led
2014
19 Led
'14
17:04
Hello,
trosku jsem se uz ztratil s dnssecem s knotem.
Vygeneroval jsem si
klice, rekl knotu, kde ma klice hledat, knot je podepsal, zadna stiznost
od nej. Klic jsem zadal i do keysetu na web4u, to proslo taky. Ale pokud
si udelam drill my zony, drill oznami, ze mi chybi DS zaznam nebo
trusted key:
drill -TD ajetaci.cz
The parent zone (cz) does not contain the DS record for your zone
(ajetaci.cz), which means the delegation is insecure. I guess the keyset
is not configured correctly.
% kdig @a.ns.nic.cz ajetaci.cz DS
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 14190
;; Flags: qr aa rd; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 0
;; QUESTION SECTION:
;; ajetaci.cz. 0 IN DS
;; AUTHORITY SECTION:
cz. 900 IN SOA a.ns.nic.cz.
hostmaster.nic.cz. 1390145849 900 300 604800 900
;; Received 84 B
;; Time 2014-01-19 17:03:16 CET
;; From 194.0.12.1#53(UDP) in 14.8 ms