Posts Tagged ‘dnssec’

Quick Fix for the Fedora DNSSEC Issue

June 26th, 2010 3 comments

After a routing update, Fedora 12 has some problems with the DNS service. The named service fails to start with with the following error:

Error in named configuration:
/etc/pki/dnssec-keys//named.dnssec.keys:1: open: /etc/pki/dnssec-keys//production/bg.conf: file not found

The update was not a fortunate one and an official fix will probably be issued soon. A quick way is to disable the DNSSEC options in named. Edit /etc/named.conf and comment the following lines:

dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside . trust-anchor;

and at the bottom:

include "/etc/pki/dnssec-keys//named.dnssec.keys";
include "/etc/pki/dnssec-keys//dlv/";

The DNSSEC features ads digital signatures to your DNS queries. If you need this, keep searching for other solutions.

Categories: Linux Tags: , , ,