[Freeipa-users] DNSSEC KSK rollover
Peter Fern
freeipa at 0xc0dedbad.com
Sun Feb 28 13:51:47 UTC 2016
Hi all,
A new KSK has been auto-generated, and it's transitioned through
'published' and is now sitting in the 'ready' state, but does not appear
as a DNSKEY record on the zone. I can see that ods-enforcerd has picked
up the state change correctly and logged a DSChanged event with the
correct output for the new DNSKEY record, and it appears as expected in
localhsm, but is not published on the zone.
Running FreeIPA 4.3.0-1.fc23, anyone got pointers on how to proceed with
the rollover?
Cheers,
Pete
Konsole output
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160229/ab6546b6/attachment.htm>
More information about the Freeipa-users
mailing list