My DNS servers aren't generating keys. I noticed in the source code of ISPConfig (bind_plugin.inc.php) the following: Code: if (file_get_contents('/proc/sys/kernel/random/entropy_avail') < 400) { $app->log('DNSSEC ERROR: We are low on entropy. Not generating new Keys for '.$domain.'. Please consider installing package haveged.', LOGLEVEL_WARN); echo "DNSSEC ERROR: We are low on entropy. Not generating new Keys for $domain. Please consider installing package haveged.\n"; return false; } Checking the contents of the file "/proc/sys/kernel/random/entropy_avail", the value is 134. I have no idea what this is. Can I just change the value of the file and done? any suggestion?
I've followed these steps: https://www.howtoforge.com/tutorial...php-pureftpd-postfix-dovecot-and-ispconfig/2/ I suggest to include the following commands: Code: systemctl start haveged systemctl enable haveged Thank you!
Yes. DNSSEC will not work on mirror servers, it needs to be reimplemented from scratch to support mirrors which is planned for one of the next releases.
Hi, I want to implement DNSSEC. I am currently using ISPConfig 3.1 mirror setup. Kindly let me know does this version(3.1) is having DNSSEC support for mirror setup. Kindly note we are the service provider.We are having our own DNS.So it is compulsory for us to implement DNSSEC.
DNSSEC is not supported for mirrors yet as it needs to be completely reimplemented for this purpose, which is planned for 3.2.
