5 Bře
2019
5 Bře
'19
7:55
Hello Thomas,
On 05.03.19 00:22, Thomas wrote:
thanks for clarification. A "knotc
zone-ksk-submitted xx.tld" did the
trick and rollover is now processing.
Yet, I don't fully understand why that manual intervention is necessary
as Knot would be able to find out the state of the DS record by itself.
You can configure knot to do it for yourself:
remote:
- id: google
address: ["8.8.8.8"]
submission:
- id: validating-resolver
parent: google
policy:
- id: test
ksk-lifetime: 1200
zsk-lifetime: 600
propagation-delay: 0
dnskey-ttl: 60
ksk-submission: validating-resolver
Daniel