Actions
Feature #7340
closedAcme Client nsupdate interface forces a different key-ID for every domain
Start date:
03/02/2017
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Description
It would be much more convenient for a large number of domains to assign a DNSSEC update-key to the firewall and allow it to make updates to all of the relevant host entries in the domain. As it is, a new key must be entered into BIND for every host record being updated. This also significantly complicates the configuration if you use views on your DNS server.
It could be resolved by either allowing a paste of the entire key or adding a field to (optionally) set the key-id instead of generating it as matching the domain being validated.
Actions