Le dimanche 30 août 2020 à 12:58 +0200, Mark Elkins a écrit :
> Running BIND.. 9.16.6 on a Gentoo machine - so BIND is kept very much
> up to date.
> dnssec-keygen - Version: 9.16.6
>
> I create DNSSEC Keys in a manual process and in order to see when a
> Key was created (so I can rotate them - etc..) I look at the Creation
> date inside the 'key' file....
> # dnssec-keygen -a RSASHA256
fubar.com
> # cat Kfubar.com.+008+21010.key
> ; This is a zone-signing key, keyid 21010, for
fubar.com.
> ; Created: 20200830105653 (Sun Aug 30 12:56:53 202)
> ; Publish: 20200830105653 (Sun Aug 30 12:56:53 202)
> ; Activate: 20200830105653 (Sun Aug 30 12:56:53 202)
>
> Can anyone spot an issue? Look carefully at the creation date, the
> year in particular!
Hi
it looks like a pretty printing issue.
# dnssec-settime -p all Kfubar.com.+008+21010.key
should give you the correct timestamp.
--
Marcel de Riedmatten