Converting a regular BIND ZONE to DNSSEC

Recently I wanted to sign a regular zone in BIND9.7. Google wasn’t very helpful so I thought I’d write up a little bit about it here.

My /etc/named.conf looks like this:

I want to keep my dnssec zones in a separate directory.

Now I sign the zone.

Finally I want to change the named.conf to the myzone.com.signed.

Make sure that all the files are owned by user “named” and reload bind

Leave a Reply