LEAP 15.6
BIND 9.18.33
About 5 years ago I added a bit of DNSSEC in our name server, DNSSEC Authentication Chain. The certificate that resides on the server requires regular renewing which BIND did as required.
The renewal has stopped happening. In the past when that happened, requesting a reverse resolution would cause the renewal. No longer.
Any suggestions for where to look for restarting the renewal?
$ dig -x 192.88.109.73 @8.8.4.4 +dnssec
; <<>> DiG 9.18.33 <<>> -x 192.88.109.73 @8.8.4.4 +dnssec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 11350
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
; EDE: 7 (Signature Expired): (Expired RRSIG found for 73.109.88.192.in-addr.arpa/ptr (keytag=31082))
;; QUESTION SECTION:
;73.109.88.192.in-addr.arpa. IN PTR
;; Query time: 100 msec
;; SERVER: 8.8.4.4#53(8.8.4.4) (UDP)
;; WHEN: Fri Apr 25 10:41:46 MST 2025
;; MSG SIZE rcvd: 130