named bind errors - DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches a trusted key for '.'

Mar 22 13:46:14 box named[31767]:  validating @0x7f51bc001550: . DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches a trusted key for '.'
Mar 22 13:46:14 box named[31767]:  validating @0x7f51bc001550: . DNSKEY: please check the 'trusted-keys' for '.' in named.conf.
Mar 22 13:46:14 box named[31767]: error (broken trust chain) resolving './NS/IN': 192.36.148.17#53

One possibility is sometimes that your time is out of sync.  Check it and fix it, but if your time is correct and you get th error, it probably is the issue mentioned below.

This happened on a new install in CentOS 7 and a default install at that.  bind had the old keys, so the easy solution was just to update bind with:

yum -y update bind


Tags:

bind, errors, dnskey, unable, verifies, rrset, mar, validating, bc, conf, resolving, ns, sync, install, centos, default, update, yum,

Latest Articles

  • Virtualbox VBox Guest-utils drag and drop files stops working with Windows VMs
  • How To Remove Ubuntu Netplan and Go Back to /etc/network/interfaces
  • How To Force Flash an AMD Instinct GPU To Another Model Using Debian Ubuntu Mint Linux
  • How To compile ollama from source to use unsupported AMD GPU with rocm in Ubuntu Debian
  • QEMU KVM Virtio GPU Windows Cannot Select 1080P
  • Linux Gnome Desktop Ubuntu Mint Debian Gets Slower After Weeks
  • Firefox How to Save Full Page As Screenshot/PDF
  • Nvidia Datacenter Driver Tesla Slow nvidia-smi response and high utilization with 0 usage
  • ffmpeg how to normalize / increase the volume of your audio
  • kdenlive audio blips pops cracks artifacts solution fix
  • haproxy / nginx certbot SSL issues
  • nginx how to see the real IP when behind a CDN
  • Docker how to find real container child process ID
  • Alibaba Aliyun how to reset password solution 'Setup does not meet the requirements, please resetting'
  • RTL88X Series 80Mhz hostapd mode for Linux Debian Kali
  • How To Deploy Your Own Mastodon Server in Docker
  • ffmpeg burning subtitles in non-English errors [Parsed_subtitles_0 @ 0x561d3a0b3b80] Glyph 0x6709 not found, selecting one more font for (Sans, 700, 0)
  • rsyslog in container config
  • Interesting Whisper AI CPU vs GPU Test
  • How to install pytorch with cuda capability for AI acceleration with Nvidia Tesla etc.. GPUs
    • Copyright © realtechtalk.com 2026