Hello, on ISPC 3.2.6 with ubuntu 20.04 servers I create DKIM record through API. dbispconfig seems ok, and pri.domain.tld is created with DKIM record inside. But, this record is not in my pri.domain.tld.signed. I run API dns_zone_update function. I can see that pri.domain.tld is new. But, no pri.domain.tld.signed file. I try grep name /var/log/syslog... Nothing visible. Any idea ?
Enable server debugging, change something in that dns zone, and run server.sh manually to see what is going on. Post the results here if you need further help identifying the problem.
I found out that 'sign zone DNSSEC' toggle in DNS zone was disabled... So, it doesn't sign ! Very logical... I don't know why this toggle was disabled... Normally, I drive my config by API only... thanks a lot for your help !
Finally, this is an issue in my script... I turn to debug, run server.sh it gives Code: 27.09.2021-19:28 - DEBUG - safe_exec cmd: cd '/etc/bind'; named-checkzone 'client102.fr' '/etc/bind/pri.client102.fr' | egrep -ho '[0-9]{10}' - return code: 1 27.09.2021-19:28 - ERROR - DNSSEC Error: Error in Zonefile for client102.fr I try Code: cd '/etc/bind'; named-checkzone 'client102.fr' '/etc/bind/pri.client102.fr' zone client102.fr/IN: loaded serial 2021 OK I understand I have to look at my zone definition... but what ? My script is signing correctly (Mx, spf, ...) before DKIM record entery...
I think I find it out. In my DKIM pub key, there is "" (twice double quotes), these seem to disappear Code: $dns_record = str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$dkim_public); $dns_record = str_replace(array("\r\n", "\n", "\r"),'',$dns_record); $dkim_txt = 'v=DKIM1; t=s; p='.$dns_record; and $params = ... 'data' => $dkim_txt, ... It seems to be at $params level (\" requested ?)