Home > Linux > Quick Fix for the Fedora DNSSEC Issue

Quick Fix for the Fedora DNSSEC Issue

After a routing update, Fedora 12 has some problems with the DNS service. The named service fails to start with with the following error:

Error in named configuration:
/etc/pki/dnssec-keys//named.dnssec.keys:1: open: /etc/pki/dnssec-keys//production/bg.conf: file not found

The update was not a fortunate one and an official fix will probably be issued soon. A quick way is to disable the DNSSEC options in named. Edit /etc/named.conf and comment the following lines:

dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside . trust-anchor dlv.isc.org.;

and at the bottom:

include "/etc/pki/dnssec-keys//named.dnssec.keys";
include "/etc/pki/dnssec-keys//dlv/dlv.isc.org.conf";

The DNSSEC features ads digital signatures to your DNS queries. If you need this, keep searching for other solutions.

Categories: Linux Tags: , , ,
  1. June 29th, 2010 at 19:48 | #1

    Thank you so much. The primary in our production web server pool just crashed, and on reboot everything was breaking horribly because DNS wouldn’t work…

  2. Roderick
    June 16th, 2011 at 14:27 | #2

    Hi,
    Got the same issue, Fedora Core 13. My problem started after restarting the named server yesterday. Upgrading bind did not help. I also used this solution and today I found your article.

    I still don’t understand the problem and if there is a real fix. You got found a real solution?

    Thnx,
    Roderick

  3. June 17th, 2011 at 07:17 | #3

    That was a long time ago. I think the problem was fixed in the next update. If I remember correctly, there were some misplaced files causing the issue.