SYSTEM INFORMATION | |
---|---|
OS type and version | Ubuntu Linux 20.04.4 |
Webmin version | 2.000 |
BIND version 9.16
Hi all,
How does Webmin manage dnssec operations - records signing and resigning, keys regeneration etc.? I mean should it simply put corresponding BIND options into BIND config file and let BIND do all things, or Webmin uses its own timers and calls utilities for these tasks?
I ask this because I have dnssec enabled thru Webmin for one of my zones (all I’ve done is just created keys for the zone) - and all records got signed. But when I look into named.conf I cannot find any dnssec-related directive there*. Therefore I guess that BIND itself won’t do anything with signatures when they get expired.
Now I have RRSIG records with expiration date 2022-10-27 but not sure will they be resigned automatically and what system must initiate this process.
*There is “dnssec-validation auto”, but it’s not about zone signing
Thanks in advance