| SYSTEM INFORMATION | |
|---|---|
| OS type and version | CentOS 6.9 |
| Webmin version | 1.99 |
| Virtualmin version | 6.17 |
| Related packages | SUGGESTED |
Just signed a zone w/ “set up DNSSEC key” and it’s getting an error on dnsviz.net for the NSEC3PARAM record having a TTL of 0, just curious where it’s inheriting the TTL of 0?
“* RRSIG (redact).com/NSEC3PARAM alg 8, id 43416: The TTL of the RRset (3600) exceeds the value of the Original TTL field of the RRSIG RR covering it (0).”
The zone file explicity sets it to 0;
(redact).com. 0 IN NSEC3PARAM 1 0 10 -
(redact).com. 0 IN RRSIG NSEC3PARAM 8 2 0 (sig)
TIA,