[nsd-users] DNSSEC KSK Rollover
Michael A. Peters
mpeters at domblogger.net
Thu Apr 9 21:49:17 UTC 2015
Hello,
I'm trying to (mostly) automate my DNSSEC key rollovers.
ZSK was relatively easy, the issue I am having with automating the KSK
has to do with verifying the DS info from the new key has been uploaded
by the zone administrator before I stop signing with the old KSK.
I have been trying to figure out how to get dig or another utility to
check whether or not the DS information from the new key has been
uploaded to the registrar but I'm at a loss.
Anyone know how to check whether or not the DS information from a given
key is live and in the DNS system?
Thanks for any help,
Michael
More information about the nsd-users
mailing list