[yadifa-users] DNSSEC Support -Yadifa 1.0.3

Gery Van Emelen gery.vanemelen at eurid.eu
Wed Aug 20 14:50:53 CEST 2014


In the reference manual of 1.0.3 on page 26 you find:

This is the only option that you have to add in your zone section.

There’s also the dnssec-mode option, which you can use to make sure that a zone is NSEC or NSEC3.
This option is there for making sure that yadifad will use the correct mode. For example if it finds in the zone file a NSEC resource record and the mode is NSEC3, yadifad will stop. This option is a fail-safe.

example of a zone section with DNSSEC on NSEC:
	type master
	domain somedomain.eu
	file masters/somedomain.eu.zone
	dnssec-mode nsec
	keys-path keys/somaindomain.eu

1. You still need to add the private part of the keys in the keys-path directory.
2. You have to add the public part of the keys in the zone file.
3. You need to sign the zone file.



Gery Van Emelen
Senior System Developer
Woluwelaan 150    
1831 Diegem - Belgium
TEL: +32 (0) 2 401 2750
MOB:+32 (0) 478 478 098
Gery.VanEmelen at EURid.eu

On 20 Aug 2014, at 13:38, vijay bommareddy <vijayb888 at gmail.com> wrote:

> Hi,
> I'm playing with Yadifa lately and was wondering how to enable DNSSEC. Does Yadifa support DNSSEC? If yes, could anybody guide me how to enable it?
> The reference manual does't have much info on it.
> Thanks in advance
> -- 
> Vijay
> _______________________________________________
> yadifa-users mailing list
> yadifa-users at mailinglists.yadifa.eu
> http://www.yadifa.eu/mailman/listinfo/yadifa-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.yadifa.eu/archives/yadifa-users/attachments/20140820/bdb1cb6b/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://www.yadifa.eu/archives/yadifa-users/attachments/20140820/bdb1cb6b/attachment.bin 

More information about the yadifa-users mailing list