Date: Tue, 26 Nov 2013 17:53:59 +0800 From: Ben Hutton <ben.hutton@odyssey.dyndns.org> To: freebsd-questions@FreeBSD.org Subject: Bind - error reading private key file Message-ID: <52946FB7.5050803@odyssey.dyndns.org>
next in thread | raw e-mail | index | archive | help
I'm current trying to configure bind as per the handbook. Everything
appears to be working except the Smart Signing section. As far as I can
tell I've followed all the instructions correctly however I get the
below error. Initially I thought I'd missed something so I started
again from scratch but ended up with the same issue.
Nov 26 20:38:51 web01 named[15623]: dns_dnssec_keylistfromrdataset:
error reading private key file /domain///.com.au/RSASHA256/13095: file
not found
Nov 26 20:38:51 web01 named[15623]: dns_dnssec_keylistfromrdataset:
error reading private key file /domain.///com.au/RSASHA256/63499: file
not found
The zone is configured as follows:
zone "/domain.///com.au" {
type master;
key-directory "/etc/namedb/keys";
update-policy local;
auto-dnssec maintain;
file "/etc/namedb/master//domain///.com.au.db.signed";
};
and the KSK and ZSK files have been moved to the "/etc/namedb/keys" folder.
Please note I do not get any errors if I remove the following:
key-directory "/etc/namedb/keys";
update-policy local;
auto-dnssec maintain;
Bind is version BIND 9.8.4-P2 on FreeBSD 9.2-RELEASE
--
Regards
Ben Hutton
Email: ben.hutton@odyssey.dyndns.org <mailto:ben.hutton@odyssey.dyndns.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52946FB7.5050803>