Use an alternate name for the '.' zone
The root zone's domain is `.` but this means something special in the filesystem which causes an error when creating the zone file.
This commit is contained in:
+8
-2
@@ -8,11 +8,17 @@ RANDOM_DEVICE="$5"
|
||||
NSEC3_SALT="$6"
|
||||
PATH=/bin:/sbin:/usr/bin:/usr/sbin
|
||||
|
||||
if [ "${DOMAIN}" == "." ]; then
|
||||
ZONE_FILE=root
|
||||
else
|
||||
ZONE_FILE="${DOMAIN}"
|
||||
fi
|
||||
|
||||
dnssec-keygen -a RSASHA256 -b 1024 -r "${RANDOM_DEVICE}" -K "${KEY_DIRECTORY}" "${DOMAIN}"
|
||||
dnssec-keygen -a RSASHA256 -b 2048 -r "${RANDOM_DEVICE}" -f KSK -K "${KEY_DIRECTORY}" "${DOMAIN}"
|
||||
|
||||
if [ $NSEC3_SALT != '' ]; then
|
||||
dnssec-signzone -S -u -3 ${NSEC3_SALT} -d "${CACHEDIR}" -K "${KEY_DIRECTORY}" -o "${DOMAIN}" "${CACHEDIR}/${NAME}/${DOMAIN}"
|
||||
dnssec-signzone -S -u -3 ${NSEC3_SALT} -d "${CACHEDIR}" -K "${KEY_DIRECTORY}" -o "${DOMAIN}" "${CACHEDIR}/${NAME}/${ZONE_FILE}"
|
||||
else
|
||||
dnssec-signzone -S -d "${CACHEDIR}" -K "${KEY_DIRECTORY}" -o "${DOMAIN}" "${CACHEDIR}/${NAME}/${DOMAIN}"
|
||||
dnssec-signzone -S -d "${CACHEDIR}" -K "${KEY_DIRECTORY}" -o "${DOMAIN}" "${CACHEDIR}/${NAME}/${ZONE_FILE}"
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user