-
Print
-
DarkLight
-
PDF
I don't get RRSIG's returned when I use "dig +dnssec" - why is this?
Article Summary
Share feedback
Thanks for sharing your feedback!
Most likely, the domain is not signed.
If it is signed, then check whether DNSSEC has been disabled on the nameserver you are querying. In BIND 9, DNSSEC is enabled by default, but can be disabled with:
dnssec-enable no;
If this has been done, the server will not return RRSIG records.