Unable to publish DNSKEY to dlv.isc.org

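Trying to get DNSSEC working for a zone.

Software: BIND 9.4.2-P2, OS: Ubuntu 8.04

Trying to sign the zone using ZoneSigner and publish it to dlv.isc.org, but it complains that a key is missing. The keys are shown when using dig dnskey. The domain is kristaps.lv

Exact error message: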

3.138:DEBUG RUN GET_ADDRESSES: Sending a recursive query for mazais.kristaps.lv A
3.532:DEBUG RUN GET_ADDRESSES: Got response for recursive query mazais.kristaps.lv A NOERROR
3.533:DEBUG RUN GET_ADDRESSES: Caching address for mazais.kristaps.lv => 92.240.80.54
3.725:DEBUG RUN: Enqueued query 7 to 92.240.80.54 for kristaps.lv DNSKEY
3.725:DEBUG RUN: Got activity for 2, from 92.240.70.1
3.725:DEBUG RUN: Got referral
3.726:DEBUG RUN: kristaps.lv. 1800 IN NS mazais.kristaps.lv
3.727:DEBUG RUN: Already have 92.240.80.54 queued
3.727:DEBUG RUN: Got activity for 3, from 194.0.1.24
3.727:DEBUG RUN: Got referral
3.728:DEBUG RUN: kristaps.lv. 1800 IN NS mazais.kristaps.lv
3.729:DEBUG RUN: Already have 92.240.80.54 queued
3.729:DEBUG RUN: Got activity for 4, from 83.171.8.137
3.729:DEBUG RUN: Got referral
3.730:DEBUG RUN: kristaps.lv. 1800 IN NS mazais.kristaps.lv
3.730:DEBUG RUN: Already have 92.240.80.54 queued
3.730:DEBUG RUN: Got activity for 5, from 193.0.12.121
3.730:DEBUG RUN: Got referral
3.731:DEBUG RUN: kristaps.lv. 1800 IN NS mazais.kristaps.lv
3.732:DEBUG RUN: Already have 92.240.80.54 queued
3.732:DEBUG RUN: Got activity for 6, from 192.36.125.2
3.732:DEBUG RUN: Got referral
3.733:DEBUG RUN: kristaps.lv. 1800 IN NS mazais.kristaps.lv
3.733:DEBUG RUN: Already have 92.240.80.54 queued
4.223:DEBUG RUN: Got activity for 7, from 92.240.80.54
4.223:DEBUG RUN: Found answer from 92.240.80.54
4.227:SUCCESS 92.240.80.54 answered DNSKEY query with rcode NOERROR
4.227:INFO Total answers: 1
4.228:SUCCESS All DNSKEY responses are identical.
4.236:DEBUG VERIFY-DNSKEY: Checking tag=32656 flags=257 alg=RSASHA1 AwEAAcAo...Qbb+6aKYw8=
4.236:DEBUG VERIFY-DNSKEY: Accepted key.
4.237:DEBUG VERIFY-DNSKEY: Checking tag=58348 flags=257 alg=RSASHA1 AwEAAZbV...HzR2UTmRw0=
4.237:DEBUG VERIFY-DNSKEY: Ignoring key.
4.237:DEBUG VERIFY-DNSKEY: Checking tag=41748 flags=256 alg=RSASHA1 AwEAAeJC...u4rnFt63+RV
4.238:DEBUG VERIFY-DNSKEY: Ignoring key.
4.238:DEBUG VERIFY-DNSKEY: Checking tag=64185 flags=256 alg=RSASHA1 AwEAAZ/S...x8pRgin/Vq5
4.238:DEBUG VERIFY-DNSKEY: Ignoring key.
4.238:DEBUG VERIFY-DNSKEY: Checking tag=21258 flags=256 alg=RSASHA1 AwEAAdlD...3Nv3HgYux4D
4.238:DEBUG VERIFY-DNSKEY: Ignoring key.
4.238:INFO VERIFY-DNSKEY: 5 DNSKEYs found.
4.239:INFO VERIFY-DNSKEY: 1 keys found after filtering.
4.239:DEBUG VERIFY-DNSKEY: Using keys:
4.239:DEBUG VERIFY-DNSKEY: tag=32656 flags=257 alg=RSASHA1 AwEAAcAo...Qbb+6aKYw8=
4.239:DEBUG VERIFY-DNSKEY: To verify rrset type DNSKEY
4.242:FAILURE DNSKEY signature verification failed: Signing key not found

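It looks like you have tried to add the KSK with id = 32656 to the DLV, but you have only signed the zone with KSK 58348.

You need to either add the correct key to the DLV (id = 58348) or sign the DNSKEY RRSET with id = 32656.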
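
Added example (not part of the original question or answer): a pre-submission check that computes each DNSKEY's key tag per RFC 4034 Appendix B and lists which KSKs are named by an RRSIG covering the DNSKEY RRset. It assumes single-line `dig +dnssec DNSKEY` style records; the zone `example.test.`, its keys and signatures are constructed, and the check matches key tags only, without verifying signatures cryptographically.

```python
import base64
import struct

# Constructed sample in `dig +dnssec DNSKEY` answer format (not the poster's zone):
# two KSKs (flags 257) and one ZSK (flags 256); only one KSK signs the DNSKEY RRset.
SAMPLE = """\
example.test. 3600 IN DNSKEY 257 3 5 AQID
example.test. 3600 IN DNSKEY 257 3 5 BAUG
example.test. 3600 IN DNSKEY 256 3 5 BwgJ
example.test. 3600 IN RRSIG DNSKEY 5 2 3600 20300101000000 20200101000000 3595 example.test. c2ln
example.test. 3600 IN RRSIG DNSKEY 5 2 3600 20300101000000 20200101000000 5133 example.test. c2ln
"""

def key_tag(flags, protocol, algorithm, pubkey_b64):
    """Key tag per RFC 4034 Appendix B (all algorithms except RSA/MD5)."""
    rdata = struct.pack("!HBB", flags, protocol, algorithm) + base64.b64decode(pubkey_b64)
    acc = sum(b if i & 1 else b << 8 for i, b in enumerate(rdata))
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def parse(text):
    """Return ({key tag: flags} for DNSKEYs, {key tags named by RRSIGs over DNSKEY})."""
    keys, signers = {}, set()
    for line in text.splitlines():
        f = line.split()
        if len(f) < 8 or f[2] != "IN":
            continue  # skips blank lines and dig's ';' comment lines
        if f[3] == "DNSKEY":
            flags, proto, alg = int(f[4]), int(f[5]), int(f[6])
            # dig may split long base64 key data with spaces; rejoin it
            keys[key_tag(flags, proto, alg, "".join(f[7:]))] = flags
        elif f[3] == "RRSIG" and f[4] == "DNSKEY" and len(f) > 10:
            signers.add(int(f[10]))  # key tag field of the RRSIG RDATA
    return keys, signers

def signing_ksks(text):
    """Key tags of SEP-flagged keys that have an RRSIG over the DNSKEY RRset."""
    keys, signers = parse(text)
    return sorted(t for t, flags in keys.items() if flags & 1 and t in signers)

def dlv_candidate_ok(text, tag):
    """True if the key about to be registered actually signs the DNSKEY RRset."""
    return tag in signing_ksks(text)

if __name__ == "__main__":
    print("KSKs signing the DNSKEY RRset:", signing_ksks(SAMPLE))
    for tag in (2056, 3595):
        print(tag, "safe to register" if dlv_candidate_ok(SAMPLE, tag) else "does not sign DNSKEY RRset")
```
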