Bind - error reading private key file
Ben Hutton
ben.hutton at odyssey.dyndns.org
Tue Nov 26 09:53:40 UTC 2013
I'm current trying to configure bind as per the handbook. Everything
appears to be working except the Smart Signing section. As far as I can
tell I've followed all the instructions correctly however I get the
below error. Initially I thought I'd missed something so I started
again from scratch but ended up with the same issue.
Nov 26 20:38:51 web01 named[15623]: dns_dnssec_keylistfromrdataset:
error reading private key file /domain///.com.au/RSASHA256/13095: file
not found
Nov 26 20:38:51 web01 named[15623]: dns_dnssec_keylistfromrdataset:
error reading private key file /domain.///com.au/RSASHA256/63499: file
not found
The zone is configured as follows:
zone "/domain.///com.au" {
type master;
key-directory "/etc/namedb/keys";
update-policy local;
auto-dnssec maintain;
file "/etc/namedb/master//domain///.com.au.db.signed";
};
and the KSK and ZSK files have been moved to the "/etc/namedb/keys" folder.
Please note I do not get any errors if I remove the following:
key-directory "/etc/namedb/keys";
update-policy local;
auto-dnssec maintain;
Bind is version BIND 9.8.4-P2 on FreeBSD 9.2-RELEASE
--
Regards
Ben Hutton
Email: ben.hutton at odyssey.dyndns.org <mailto:ben.hutton at odyssey.dyndns.org>
More information about the freebsd-questions
mailing list