Hello Josef,

Please migrate to a newer version of Knot (2.6.0 or 2.5.5) as with this version
it is much easier to configure DNSSEC signing without manual keymgr assistance.
To be honest, I'm no longer able to use such an old version of Knot :-)

Regards,
Daniel

On 09/29/2017 09:39 AM, josef Karliak wrote:

  Hi,
  I maybe missed something. I created kasp direcotry, added knot as a owner.
  In the kasp directory (/var/lib/knot/kasp) runned commands:
keymgr init
keymgr zone add domena.cz policy none
keymgr zone key generate domena.cz algorithm rsasha256 size 2048 ksk

Cannot retrieve policy from KASP (not found).

  Did I missed something ?
  Thanks and best regards
  J.Karliak

-- 
Bc. Josef Karliak 
Správa sítì a elektronické po¹ty
Fakultní nemocnice Hradec Králové
Odbor výpoèetních systémù
Sokolská 581, 500 05 Hradec Králové
Tel.: +420 495 833 931, Mob.: +420 724 235 654
e-mail: josef.karliak@fnhk.cz, http://www.fnhk.cz  


_______________________________________________
knot-dns-users mailing list
knot-dns-users@lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users