mc3 / serverPKI

Python PKI for internet server infrastructure - unattended cert issuance and distribution
https://serverpki.readthedocs.io

named may ignore changes, if only included files have changed #1

Closed mc3 closed 6 years ago

mc3 commented 6 years ago

serverPKI issues TLSA RRs or challenge responses for letsencrypt by updating files included by the master file. If only included files plus the SOA serial are changed (remaining master file unchanged), then it may happen that named stops signing and propagating zone file changes. This is really a bind issue, up to bind-9.12.

It would be helpful if we could find a workaround for serverPKI to prevent this bug.

mc3 commented 6 years ago

It seems that the bug happens in bind910, bind911, bind912 and bind913, independent of empty include files, if any. See: https://gitlab.isc.org/isc-projects/bind9/issues/435

mc3 commented 6 years ago

Fixed (hopefully) by 3aec509.
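
The condition described in the first comment (only `$INCLUDE`d files and the SOA serial change while the rest of the master file stays the same) can be recognised before a zone reload, so the operator knows to verify that named actually re-signed and propagated the zone. The following is an added example, not serverPKI's code and not the content of commit 3aec509; the `snapshot` and `classify` helpers, the file names and the sample zone are hypothetical.

```python
import hashlib
import re

# Serial = first integer after the "(" that opens the SOA record (assumed layout).
SOA_SERIAL = re.compile(r"(\bSOA\b[^()]*\(\s*)(\d+)", re.IGNORECASE)
INCLUDE = re.compile(r"^\$INCLUDE\s+(\S+)", re.IGNORECASE | re.MULTILINE)

def _digest(text):
    return hashlib.sha256(text.encode()).hexdigest()

def snapshot(files, master):
    """Fingerprint a zone. `files` maps file name -> content (in-memory stand-in for the zone dir)."""
    text = files[master]
    match = SOA_SERIAL.search(text)
    if match is None:
        raise ValueError("no SOA serial found in " + master)
    # Mask the serial so a bare serial bump does not count as a master-file change.
    body = SOA_SERIAL.sub(lambda m: m.group(1) + "SERIAL", text, count=1)
    return {
        "serial": int(match.group(2)),
        "master_body": _digest(body),
        "includes": {name: _digest(files[name]) for name in INCLUDE.findall(text)},
    }

def classify(old, new):
    """Name the kind of change between two snapshots of the same zone."""
    body_changed = old["master_body"] != new["master_body"]
    includes_changed = old["includes"] != new["includes"]
    if body_changed:
        return "master-changed"
    if includes_changed:
        # Plain integer comparison; RFC 1982 serial wrap-around is not handled here.
        bumped = new["serial"] > old["serial"]
        return "include-only" if bumped else "include-only-serial-not-bumped"
    return "no-content-change"

# Constructed sample zone; names, serials and the TLSA digest are made up.
MASTER = """$TTL 3600
@ IN SOA ns1.example.org. hostmaster.example.org. (
        {serial} ; serial
        7200 3600 1209600 3600 )
@ IN NS ns1.example.org.
$INCLUDE example.org.tlsa
"""
TLSA = "_443._tcp.www IN TLSA 3 1 1 {digest}\n"
BEFORE = {"example.org.zone": MASTER.format(serial=2019010101),
          "example.org.tlsa": TLSA.format(digest="ab" * 32)}
AFTER = {"example.org.zone": MASTER.format(serial=2019010102),
         "example.org.tlsa": TLSA.format(digest="cd" * 32)}
```

A result of `include-only` for `BEFORE` versus `AFTER` marks exactly the update pattern this issue is about; comparing the serial named serves afterwards against the snapshot's `serial` shows whether the change was picked up.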