Configuring DNSSEC On BIND9 -> -bash: rollinit: command not found

Discussion in 'ISPConfig 3 Priority Support' started by albertf, Oct 3, 2019.

  1. albertf

    albertf Member HowtoForge Supporter

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    This tutorial is not compatible with an ISPConfig server and it is for a completely different operating system version, using it will break your system. ISPConfig comes with DNSSEC support out of the box, just install ISPConfig as described in the perfect server tutorials and you can activate DNSSEC in the zones in ISPConfig directly. Most likely your system is not working properly anymore after you followed this wrong guide and DNS functions from ISPConfig will start to fail, you have to undo each step and undo each change you made from that guide or reinstall the system from scratch.
     
  3. albertf

    albertf Member HowtoForge Supporter

    Fortunately I failed with this tuto first at the first lignes
    The is no DNSSEC (DS) zone added in my DNS zone, that's why I tried this tuto.
    Is it normal to do not have DNSSEC (DS) zone added in my DNS zone ?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Enable the checkbox "Sign zone (DNSSEC)" in the DNS zone in ISPConfig and press save. the zone is then signed after about 1 minute. Details for DS Records for your registry are shown in the zone below the checkbox then.
     
  5. albertf

    albertf Member HowtoForge Supporter

    It was done, but I do not see any DS field in IspConfig -> Dns -> domaine-name.com -> Records
    But If you say that's fine like that, so that's fine for me as well.
    Thanks
     
  6. albertf

    albertf Member HowtoForge Supporter

    I sorry to be back on this topic, but I don't know what I have to do to setup DNSSEC
    IspConfig I have :
    [​IMG]
    With my registrar (Ovh) I have :
    [​IMG]
    What is the right answer for :
    A = ???
    B = ???
    C = ???
    D = ???
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems as if ovh uses a bit different format (DNS key format and no DS records). Send the OVH support your DS records and ask them what to put into the fields of there UI. Or try it out, D should be clear, its the key (the long number/char part without whitespace inside). C is 7. Key tag is probably 0 for the first one and 1 for the second one. So you have to try out B.
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

  9. albertf

    albertf Member HowtoForge Supporter

    It's done, after I will be back with the answer, it can help the other users of Ispconfig
    Done as well, now I need to wait 24h.
    Thanks for all your answers.
     

Share This Page