[ldns-users] [ldns-signzone] Question on man page

A. Schulze sca at andreasschulze.de
Tue Apr 13 15:25:09 UTC 2021

Am 13.04.21 um 16:15 scrunchie François RONVAUX via ldns-users:

> So, if the zone I want to sign with DNSSEC is "mydomain.tld", I have to use the command :
> ldns-signzone -o tld zonefile $zsk $ksk

no, use '-o example.org' to sign 'example.org.'

> And about the NSEC3 signature, what are the usable algorithms with the "-n -a" options .
$ ldns-signzone -n -a list
Bad NSEC3 algorithm, only RSASHA1 allowed

> Sorry if my questions are stupid but I'am discovering the DNSSEC tools.

your welcome :-)


More information about the ldns-users mailing list