Project

General

Profile

Actions

Feature #7340

closed

Acme Client nsupdate interface forces a different key-ID for every domain

Added by Sam Bingner over 7 years ago. Updated almost 7 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
ACME
Target version:
-
Start date:
03/02/2017
Due date:
% Done:

100%

Estimated time:
Plus Target Version:

Description

It would be much more convenient for a large number of domains to assign a DNSSEC update-key to the firewall and allow it to make updates to all of the relevant host entries in the domain. As it is, a new key must be entered into BIND for every host record being updated. This also significantly complicates the configuration if you use views on your DNS server.

It could be resolved by either allowing a paste of the entire key or adding a field to (optionally) set the key-id instead of generating it as matching the domain being validated.

Actions

Also available in: Atom PDF