Homas / ioc2rpz

ioc2rpz is a place where threat intelligence meets DNS.
Apache License 2.0

Can't Dig RPZ Zone #9

Closed r421 closed 5 years ago

r421 commented 5 years ago

Why can't I dig my RPZ zone? It keeps prompting ";; Couldn't verify signature: tsig indicates error".

rpz config: image

dig result: image

Homas commented 5 years ago

  1. Take a look at the log messages on the server side.
  2. Check the ioc2rpz server configuration to see whether the key was provisioned.
  3. Restart ioc2rpz if the key is in the configuration but the server says that the key is not found (this is the only error when ioc2rpz responds with BADKEY).

Regarding the management via ioc2rpz.gui:

  1. Which ioc2rpz and ioc2rpz.gui versions are you using?
  2. If you recently cloned the repositories (ioc2rpz and ioc2rpz.gui), then you need to generate and provision SSL certificates to manage ioc2rpz from the GUI, or switch to DNS management (in www/io2vars.php, set io2mgmt to "dns").
  3. ioc2rpz may also not accept MGMT requests if it was started after ioc2rpz.gui and the configuration didn't contain ACLs.
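
The TSIG record in a server's reply carries an error code that tells BADKEY (key name not found) apart from a bad signature or clock skew. The parser below is an added example, not code from this thread or from the ioc2rpz project; it decodes TSIG RDATA as laid out in RFC 8945, and the sample bytes and the hint strings are constructed for illustration.

```python
import struct

# TSIG error codes (RFC 8945) and what each one points to when troubleshooting.
TSIG_ERRORS = {
    0: ("NOERROR", "TSIG accepted"),
    16: ("BADSIG", "key name is known but the MAC failed: check secret and algorithm"),
    17: ("BADKEY", "key name is unknown to the server: check provisioning, then restart"),
    18: ("BADTIME", "time signed is outside the fudge window: check clocks"),
    22: ("BADTRUNC", "MAC was truncated below what the server accepts"),
}

def read_name(buf, off):
    """Read an uncompressed wire-format name; return (text, next offset)."""
    labels = []
    while True:
        if off >= len(buf):
            raise ValueError("truncated name")
        n = buf[off]
        off += 1
        if n == 0:
            return ".".join(labels) + ".", off
        if n > 63 or off + n > len(buf):
            raise ValueError("bad label in algorithm name")
        labels.append(buf[off:off + n].decode("ascii"))
        off += n

def parse_tsig_rdata(rdata):
    """Decode the RDATA of a TSIG record (type 250) into a dict."""
    try:
        alg, off = read_name(rdata, 0)
        # 48-bit time signed (split 16 + 32), fudge, MAC size.
        hi, lo, fudge, mac_len = struct.unpack_from("!HIHH", rdata, off)
        off += 10
        if off + mac_len > len(rdata):
            raise ValueError("truncated MAC")
        mac = rdata[off:off + mac_len]
        orig_id, err, _other_len = struct.unpack_from("!HHH", rdata, off + mac_len)
    except struct.error as exc:
        raise ValueError("truncated TSIG RDATA") from exc
    name, hint = TSIG_ERRORS.get(err, ("RCODE%d" % err, "not a TSIG-specific error"))
    return {"algorithm": alg, "time_signed": (hi << 32) | lo, "fudge": fudge,
            "mac": mac, "original_id": orig_id, "error": name, "hint": hint}

# Constructed sample: an unsigned BADKEY reply (empty MAC), not captured traffic.
SAMPLE = (b"\x0bhmac-sha256\x00" + struct.pack("!HIHH", 0, 1700000000, 300, 0)
          + struct.pack("!HHH", 0x1234, 17, 0))

if __name__ == "__main__":
    print(parse_tsig_rdata(SAMPLE))
```
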