Key expiration does not automatically trigger a rollover? #331

@bortzmeyer

After a few days (zsk.validity = "604800") without a change:

% cascade zone  status --detailed internautique.fr 
Status report for zone 'internautique.fr' using policy 'default'
✔ Waited for a new version of the internautique.fr zone
✔ Loaded <serial number not yet known>
  Loaded at 2025-11-01T16:29:59+00:00 (4days 22h 47m 20s ago)
  Loaded 333 B and 7 records from the filesystem in 0 seconds
✔ Waited for approval to sign <serial number not yet known>
• Approval received to sign <serial number not yet known>, signing requested
DNSSEC keys:
  ZSK tagged 30906:
    Reference: file:///var/db/cascade/keys/Kinternautique.fr.+015+30906.key
    Actively used for signing
  KSK tagged 35690:
    Reference: file:///var/db/cascade/keys/Kinternautique.fr.+015+35690.key
    Actively used for signing
  Details:
    key file:///var/db/cascade/keys/Kinternautique.fr.+015+30906.key has expired.
    key file:///var/db/cascade/keys/Kinternautique.fr.+015+35690.key expires at 2026-01-01T16:28:15Z

OK, the ZSK expired, but I hoped that a rollover would replace it automatically, and I'm surprised it was not the case.

(And, as usual (see #291), when I manually start the rollover, no notify is sent to the name server until I cascade zone reload.)
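
A monitoring check for the condition reported above, as an added example that is not part of the original issue or of the Cascade project: it parses the `DNSSEC keys:` section of the status output quoted in the report and flags keys that are still actively used for signing after they have expired, or that are close to expiry. The function names, the two-day warning window and the assumption that the output keeps exactly this layout are assumptions of the example.

```python
import re
from datetime import datetime, timedelta

# Constructed sample, copied from the layout of the status output quoted in the issue.
SAMPLE = """\
DNSSEC keys:
  ZSK tagged 30906:
    Reference: file:///var/db/cascade/keys/Kinternautique.fr.+015+30906.key
    Actively used for signing
  KSK tagged 35690:
    Reference: file:///var/db/cascade/keys/Kinternautique.fr.+015+35690.key
    Actively used for signing
  Details:
    key file:///var/db/cascade/keys/Kinternautique.fr.+015+30906.key has expired.
    key file:///var/db/cascade/keys/Kinternautique.fr.+015+35690.key expires at 2026-01-01T16:28:15Z
"""

KEY_RE = re.compile(r"^\s*(\w+) tagged (\d+):\s*$")
REF_RE = re.compile(r"^\s*Reference:\s*(\S+)\s*$")
EXPIRED_RE = re.compile(r"^\s*key (\S+) has expired\.?\s*$")
EXPIRES_RE = re.compile(r"^\s*key (\S+) expires at (\S+)\s*$")

def parse_keys(text):
    """Map each key reference to its role, tag, signing state and expiry."""
    keys, current = {}, None
    for line in text.splitlines():
        if m := KEY_RE.match(line):
            current = {"role": m[1], "tag": int(m[2]), "active": False,
                       "expired": False, "expires": None}
        elif (m := REF_RE.match(line)) and current is not None:
            keys[m[1]] = current
        elif "Actively used for signing" in line and current is not None:
            current["active"] = True
        elif (m := EXPIRED_RE.match(line)) and m[1] in keys:
            keys[m[1]]["expired"] = True
        elif (m := EXPIRES_RE.match(line)) and m[1] in keys:
            keys[m[1]]["expires"] = datetime.fromisoformat(m[2].replace("Z", "+00:00"))
    return keys

def findings(text, now, warn=timedelta(days=2)):
    """Return (severity, role, tag) for active keys; `now` must be timezone-aware."""
    out = []
    for k in parse_keys(text).values():
        gone = k["expired"] or (k["expires"] and k["expires"] <= now)
        soon = k["expires"] and k["expires"] - now <= warn
        if k["active"] and (gone or soon):
            out.append(("CRITICAL" if gone else "WARNING", k["role"], k["tag"]))
    return out
```

Calling `findings(SAMPLE, now)` with the time of the report returns a single CRITICAL entry for ZSK 30906, which is the state the issue describes: an expired key still in use with no rollover started.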
