<div dir="ltr">Thanks for the response.<br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 4, 2016 at 10:13 AM, Berry A.W. van Halderen <span dir="ltr"><<a href="mailto:berry@nlnetlabs.nl" target="_blank">berry@nlnetlabs.nl</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><span class="">On 05/04/2016 08:59 AM, Arun N S wrote:<br>
> Hi,<br>
><br>
>  Trying to configure OpenDNSSEC with SoftHSM with automatic key<br>
> generation and roll over.<br>
><br>
>  While querying the database for keys:<br>
> Zone:                           Keytype:      State:    Date of next<br>
> transition (to):  Size:   Algorithm:  CKA_ID:<br>
> Repository:                       Keytag:<br>
</span>> <a href="http://example.com" rel="noreferrer" target="_blank">example.com</a> <<a href="http://example.com" rel="noreferrer" target="_blank">http://example.com</a>>               ZSK           active<br>
<span class="">>  2016-05-04 10:40:56 (retire)   2048    8<br>
> 457a1480ae07d5a966d40338777e4b93  SoftHSM                           31461<br>
</span>> <a href="http://example.com" rel="noreferrer" target="_blank">example.com</a> <<a href="http://example.com" rel="noreferrer" target="_blank">http://example.com</a>>               ZSK           generate<br>
<span class="">>  (not scheduled)     (publish)  2048    8<br>
> 5ab3b8b52447860557e3b47c0c3b0ac8  SoftHSM                           23151<br>
</span>> <a href="http://example.com" rel="noreferrer" target="_blank">example.com</a> <<a href="http://example.com" rel="noreferrer" target="_blank">http://example.com</a>>               KSK           publish<br>
<span class="">> 2016-05-04 09:47:36 (ready)    2048    8<br>
> 2fcc6fb8591261b35d82b81f588b630d  SoftHSM                           45250<br>
><br>
>  I can see that "Date of next transition" for KSK is at  2016-05-04<br>
> 09:47:36  to READY. Is it supposed to happen automatically?<br>
<br>
</span>Yes, as long as the system is running transitions are performed<br>
automatically.  Except when it explicitly indicates so ("waiting<br>
for...").<br></blockquote><div><br></div><div><br></div><div>The  "Date of next transition" is already passed and the key state did not change until I stop and start ods-control.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">
<span class=""><br>
> The state did not change until I stop and start ods-control.<br>
<br>
</span>How do you mean, the transition is scheduled for a future time (at least<br>
I guess your timezone).  Was the state different earlier or did<br>
it change state?<br></blockquote><div><br></div><div>This is on a test lab with shorter roll over intervals, and the future time has already reached, and the state did not change.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">
<br>
\Berry<br>
<br>
> Thanks,<br>
> Arun<br>
><br>
><br>
><br>
> _______________________________________________<br>
> Opendnssec-user mailing list<br>
> <a href="mailto:Opendnssec-user@lists.opendnssec.org">Opendnssec-user@lists.opendnssec.org</a><br>
> <a href="https://lists.opendnssec.org/mailman/listinfo/opendnssec-user" rel="noreferrer" target="_blank">https://lists.opendnssec.org/mailman/listinfo/opendnssec-user</a><br>
><br>
<br>
_______________________________________________<br>
Opendnssec-user mailing list<br>
<a href="mailto:Opendnssec-user@lists.opendnssec.org">Opendnssec-user@lists.opendnssec.org</a><br>
<a href="https://lists.opendnssec.org/mailman/listinfo/opendnssec-user" rel="noreferrer" target="_blank">https://lists.opendnssec.org/mailman/listinfo/opendnssec-user</a><br>
</blockquote></div><br></div></div>