Date:      Tue, 26 Nov 2013 17:53:59 +0800
From:      Ben Hutton <ben.hutton@odyssey.dyndns.org>
To:        freebsd-questions@FreeBSD.org
Subject:   Bind - error reading private key file
Message-ID:  <52946FB7.5050803@odyssey.dyndns.org>

I'm currently trying to configure bind as per the handbook. Everything
appears to be working except the Smart Signing section. As far as I can
tell I've followed all the instructions correctly; however, I get the
error below. Initially I thought I'd missed something so I started
again from scratch but ended up with the same issue.

Nov 26 20:38:51 web01 named[15623]: dns_dnssec_keylistfromrdataset: error reading private key file domain.com.au/RSASHA256/13095: file not found
Nov 26 20:38:51 web01 named[15623]: dns_dnssec_keylistfromrdataset: error reading private key file domain.com.au/RSASHA256/63499: file not found

The zone is configured as follows:

zone "domain.com.au" {
         type master;
         key-directory "/etc/namedb/keys";
         update-policy local;
         auto-dnssec maintain;
         file "/etc/namedb/master/domain.com.au.db.signed";
};

and the KSK and ZSK files have been moved to the "/etc/namedb/keys" folder.

Please note I do not get any errors if I remove the following:

         key-directory "/etc/namedb/keys";
         update-policy local;
         auto-dnssec maintain;

Bind is version BIND 9.8.4-P2 on FreeBSD 9.2-RELEASE


-- 
Regards
Ben Hutton
Email: ben.hutton@odyssey.dyndns.org
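
Added example (not part of the original message and not code from the BIND or FreeBSD projects): named logs a key as zone/ALGORITHM/keyid, while the files written by dnssec-keygen are named K<zone>.+<alg>+<keyid>.key and .private. The sh functions below turn such a log line into the expected file names and check a key directory for them; the function names are hypothetical and the log line is a constructed sample with domain.com.au as a placeholder zone.

```shell
#!/bin/sh
# Added example: derive the key file names implied by a named log entry
# and check a key directory for them. Function names are hypothetical.

# Constructed sample line; domain.com.au is a placeholder zone name.
SAMPLE_LINE='Nov 26 20:38:51 web01 named[15623]: dns_dnssec_keylistfromrdataset: error reading private key file domain.com.au/RSASHA256/13095: file not found'

# DNSSEC algorithm mnemonic -> zero-padded number used in key file names.
alg_number() {
    case "$1" in
        RSASHA1)         echo 005 ;;
        NSEC3RSASHA1)    echo 007 ;;
        RSASHA256)       echo 008 ;;
        RSASHA512)       echo 010 ;;
        ECDSAP256SHA256) echo 013 ;;
        ECDSAP384SHA384) echo 014 ;;
        *) return 1 ;;
    esac
}

# Extract "zone/ALG/keyid" from a log line and print K<zone>.+<alg>+<id>.
key_base_from_log() {
    ref=$(printf '%s\n' "$1" |
        sed -n 's/.*error reading private key file \([^ :]*\):.*/\1/p')
    [ -n "$ref" ] || return 1
    zone=$(printf '%s' "${ref%%/*}" | tr 'A-Z' 'a-z')   # file names are lower case
    rest=${ref#*/}; alg=${rest%%/*}; id=${rest#*/}
    num=$(alg_number "$alg") || return 1
    printf 'K%s.+%s+%05d\n' "${zone%.}" "$num" "$id"
}

# Report which of the two files per key are absent or unreadable.
# usage: check_key_files <key-directory> <log line>
check_key_files() {
    base=$(key_base_from_log "$2") || { echo "unparsable log line"; return 2; }
    rc=0
    for ext in key private; do
        f="$1/$base.$ext"
        if [ ! -e "$f" ]; then echo "missing: $f"; rc=1
        elif [ ! -r "$f" ]; then echo "unreadable: $f"; rc=1
        fi
    done
    return $rc
}

# Show the base name implied by the sample line.
key_base_from_log "$SAMPLE_LINE"
```

The readability test reflects the account running the script, so run check_key_files as the user named runs under, passing the path of the key directory as named itself sees it.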



