zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-07-26 04:18:29 +02:00
Code Issues Projects Releases Packages Wiki Activity

Update configuration.md

Browse source
This commit is contained in:
Pinga 2024-11-22 12:23:53 +02:00
parent 5a510af452
commit e23acc591d
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
docs/configuration.md
View file

@ -295,8 +295,8 @@ Add the following DNSSEC policy:
```bash ```bash
dnssec-policy "namingo-policy" { dnssec-policy "namingo-policy" {
keys { keys {
ksk lifetime P3M algorithm ed25519; ksk lifetime P1Y algorithm ed25519;
zsk lifetime P1M algorithm ed25519; zsk lifetime P2M algorithm ed25519;
}; };
max-zone-ttl 86400; max-zone-ttl 86400;
dnskey-ttl 3600; dnskey-ttl 3600;
@ -334,6 +334,7 @@ After generating the keys, place them in ```/var/lib/bind```. Run ```dnssec-dsfr
Use rndc to tell BIND to load and use the new keys: Use rndc to tell BIND to load and use the new keys:
```bash ```bash
chown -R bind:bind /var/lib/bind
systemctl restart bind9 systemctl restart bind9
rndc loadkeys test. rndc loadkeys test.
``` ```