From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010808 Description of problem: The dnssec-keygen program does not allow to generate DSA or RSA key's for DNSSEC. DSA gives a segmentation fault; RSA says that it does not find openssl. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: On a redhat system (roswell): bind version delivered is: 9.1.3-3 1. dnssec-keygen -a DSA -b 1024 -n ZONE myc4a.net results in a segmentation violation 2. dnssec-keygen -a RSA -b 1024 -n ZONE myc4a.net gives this error message:dnssec-keygen: failed to generate key myc4a.net/RSAMD5: openssl failure openssl version installed by roswell: openssl-0.9.6b-4 3.dnssec-keygen -a HMAC-MD5 -b 512 -n ZONE mc1.myc4a.net works; but is not good to sign zone's Actual Results: see above Expected Results: the .key and .private file should have been generated like in step 3 Additional info: How to solve this problem: 0. you should have openssl installed (of course) 1. uninstall the bind rpm: rpm -e --nodeps bind 2. download the bind source package (any.tar.gz) file from the bind site: http://www.isc.org/products/BIND/ 3. compile and install the package and presto; it will now work! You can find a description of this solution on-line: http://marc.theaimsgroup.com/?l=bind9-users&m=100316313915759&w=2 greetings, Bart De Gruyter
Thanks, fixed in 9.2.0-*