Bug 54661 - bind: dnssec-keygen: DSA & RSA don't work
Summary: bind: dnssec-keygen: DSA & RSA don't work
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Public Beta
Classification: Retired
Component: bind
Version: roswell
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Bernhard Rosenkraenzer
QA Contact: David Lawrence
URL: http://marc.theaimsgroup.com/?l=bind9...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-10-15 17:26 UTC by Bart De Gruyter
Modified: 2007-04-18 16:37 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2001-10-15 17:26:06 UTC
Embargoed:


Attachments (Terms of Use)

Description Bart De Gruyter 2001-10-15 17:26:02 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010808

Description of problem:
The dnssec-keygen program does not allow to generate DSA or
RSA key's for DNSSEC. DSA gives a segmentation fault; RSA says
that it does not find openssl.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
On a redhat system (roswell): bind version delivered is:
9.1.3-3


1. dnssec-keygen -a DSA -b 1024 -n ZONE myc4a.net

results in a segmentation violation

2. dnssec-keygen -a RSA -b 1024 -n ZONE myc4a.net

gives this error message:dnssec-keygen: failed to generate key
myc4a.net/RSAMD5: openssl failure

openssl version installed by roswell:
openssl-0.9.6b-4

3.dnssec-keygen -a HMAC-MD5 -b 512 -n ZONE mc1.myc4a.net

works; but is not good to sign zone's

	

Actual Results:  see above

Expected Results:  the .key and .private file should have been generated
like in step
3

Additional info:

How to solve this problem:

0. you should have openssl installed (of course)

1. uninstall the bind rpm:
rpm -e --nodeps bind

2. download the bind source package (any.tar.gz) file from
the bind site: http://www.isc.org/products/BIND/

3. compile and install the package and presto; it will now work!


You can find a description of this solution on-line:

http://marc.theaimsgroup.com/?l=bind9-users&m=100316313915759&w=2

greetings,

Bart De Gruyter

Comment 1 Bernhard Rosenkraenzer 2001-10-24 13:49:27 UTC
Thanks, fixed in 9.2.0-*



Note You need to log in before you can comment on or make changes to this bug.