How can I distinguish the active ksk dnssec
I use windows 2012r2 as DNS server.
After signing a domain 4 DNS keys are generated
2 ksk and 2 zsk
I have to publish one of the ksk with the nameprovider for the chain of trust.
but I don't understand which one, because except the public key the files are identical. So how can I find which key is active and which one is the roll over(standby) key?
When visiting dnsviz.com I can see that I have published the wrong key, see picture.
2017-03-14-14_24_36-DNSViz---Interne.png
After signing a domain 4 DNS keys are generated
2 ksk and 2 zsk
I have to publish one of the ksk with the nameprovider for the chain of trust.
but I don't understand which one, because except the public key the files are identical. So how can I find which key is active and which one is the roll over(standby) key?
When visiting dnsviz.com I can see that I have published the wrong key, see picture.
2017-03-14-14_24_36-DNSViz---Interne.png
Last Comment
DrDave242
The DNSSEC Properties page of a signed zone has a KSK tab that shows the GUIDs of the active and standby keys, but so far I haven't been able to locate those GUIDs anywhere else, so they aren't very useful. Are you able to simply publish both of them?
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Asker found the solution.
DNS
The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.
29K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
