mirror of
https://github.com/tuxis-ie/nsedit.git
synced 2026-04-27 00:25:50 +03:00
[GH-ISSUE #163] DNSSEC enabled zones are not automaticly rectified on update #108
Labels
No labels
bug
duplicate
enhancement
help wanted
invalid
pull-request
question
question
upstream
upstream
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/nsedit#108
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @webvanced on GitHub (Dec 20, 2017).
Original GitHub issue: https://github.com/tuxis-ie/nsedit/issues/163
At this moment i have to manually run pdnsutil rectify-zone to rectify the zone for correct NSEC ordering.
DNSSEC-enabled zones should be rectified after changing the zone data. This can be done by the API automatically after a change when the API-RECTIFY metadata is set. When creating or updating a zone, the “api_rectify” field of the Zone can be set to true to enable this behaviour.
Or the rectifying should be done after updating the zone by PUT /servers/{server_id}/zones/{zone_id}/rectify
@webvanced commented on GitHub (Jan 9, 2018):
This can be done automaticly in powerdns >= 4.1. Setting domain meta data API-RECTIFY=1 after securing a domain and run a rectify domain:
pdnsutil set-meta domain.nl API-RECTIFY 1
pdnsutil rectify-zone domain.nl
I willl close this issue because it can be handled by powerdns itself now.