Date: Mon, 30 Jul 2018 11:56:45 +0200 From: Matthias Apitz <guru@unixarea.de> To: freebsd-questions@freebsd.org Subject: drill && DNSSEC Message-ID: <20180730095645.GA11644@sh4-5.1blu.de>
next in thread | raw e-mail | index | archive | help
Hello, Our FreeBSD handbook explains in https://www.freebsd.org/doc/handbook/network-dns.html how to setup DNSSEC for a local DNS caching server. I uses, for example: $ drill -S FreeBSD.org @10.23.47.18 ;; Chasing: freebsd.org. A Warning: No trusted keys specified DNSSEC Trust tree: FreeBSD.org. (A) |---freebsd.org. (DNSKEY keytag: 18501 alg: 8 flags: 256) |---freebsd.org. (DNSKEY keytag: 60160 alg: 8 flags: 257) |---freebsd.org. (DS keytag: 60160 digest type: 2) |---org. (DNSKEY keytag: 1862 alg: 7 flags: 256) |---org. (DNSKEY keytag: 9795 alg: 7 flags: 257) |---org. (DNSKEY keytag: 17883 alg: 7 flags: 257) |---org. (DS keytag: 9795 digest type: 2) | |---. (DNSKEY keytag: 41656 alg: 8 flags: 256) | |---. (DNSKEY keytag: 19036 alg: 8 flags: 257) |---org. (DS keytag: 9795 digest type: 1) |---. (DNSKEY keytag: 41656 alg: 8 flags: 256) |---. (DNSKEY keytag: 19036 alg: 8 flags: 257) You have not provided any trusted keys. ;; Chase successful Note: The trusted keys (flag -k ....) weren't provided. How one gets valid trusted keys? Thanks matthias -- Matthias Apitz, ✉ guru@unixarea.de, ⌂ http://www.unixarea.de/ 📱 +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180730095645.GA11644>