Vladimír Čunát <vladimir.cunat(a)nic.cz> wrote:-
On 08/03/2022 16.23, Matthew Richardson wrote:
Running 5.4.4, adding an NTA seems very
straightforward:-
[...]
What is the precise incantation to remove it when it is no longer required?
The following do not work:
The .set_insecure function *replaces* the NTA set. And naturally, the
question only matters if you're doing dynamic reconfiguration. Usually
people just restart the service to get new config, I assume. Anything
unclear in the docs?
https://knot-resolver.readthedocs.io/en/stable/config-dnssec.html#trust_anc…
Thank you for your helpful explanation, the key (which despite studying I
had not noticed, but which IS clearly written in the fine docs) being
*replaces*. Thus, if one wants to do things dynamically:-
> trust_anchors.set_insecure( { } )
does *replace* the NTAs with no NTAs. A restart may be an easier solution.
--
Best wishes,
Matthew
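
The replace semantics discussed in this thread, as an added example that is not part of the original messages or of Knot Resolver itself: because `trust_anchors.set_insecure()` replaces the whole NTA set, a kresd config can keep its own desired set and re-apply it in full on every change, so that dropping one NTA restores DNSSEC validation for that domain without touching the others. Only `trust_anchors.set_insecure()` is the resolver's API; the `nta_*` names and the sample domains are hypothetical, and the sketch assumes it is loaded from the kresd config file.

```lua
-- Added example: track the desired NTA set ourselves and always hand
-- the complete list to kresd, since set_insecure() replaces the set.
-- The nta_* helpers are hypothetical names, not Knot Resolver API.
local nta = {}  -- desired NTA set: domain name -> true

local function nta_apply()
    local list = {}
    for name in pairs(nta) do
        table.insert(list, name)
    end
    table.sort(list)  -- stable order, easier to compare in logs
    -- An empty list here means "no NTAs", as in the thread above.
    trust_anchors.set_insecure(list)
    return list
end

function nta_add(name)
    nta[name] = true
    return nta_apply()
end

function nta_remove(name)
    nta[name] = nil
    return nta_apply()
end

-- Constructed sample domains:
nta_add('broken.example')
nta_add('expired.example')
nta_remove('broken.example')   -- re-applies the set without this domain
nta_remove('expired.example')  -- same effect as trust_anchors.set_insecure({})
```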