[Opendnssec-develop] [OpenDNSSEC] #65: -k option for ksk-roll not working
OpenDNSSEC
owner-dnssec-trac at kirei.se
Thu Dec 17 09:31:15 UTC 2009
#65: -k option for ksk-roll not working
---------------------------------+------------------------------------------
Reporter: andyh@… | Owner: rb
Type: defect | Status: new
Priority: major | Component: Unknown
Version: trunk | Keywords:
---------------------------------+------------------------------------------
This was using rc1, not tested rc2 yet.
I've just tried a ksk roll using the help from ods-ksmutil:
key ksk-roll
--zone <zone> aka -z
--keytag <keytag> | --cka_id <CKA_ID> aka -x / -k
ods-ksmutil key ksk-roll -z uk -k3156
*WARNING* This will retire the currently active KSK; are you sure? [y/N] y
SQLite database set to: /var/opendnssec/kasp.db
Error: keytag "(null)"; should be numeric only
the --keytag option works correctly:
ods-ksmutil key ksk-roll -z uk --keytag 3156
*WARNING* This will retire the currently active KSK; are you sure? [y/N] y
SQLite database set to: /var/opendnssec/kasp.db
Found key with CKA_ID be353aedeadc33ce35eaadb875249d14
Key be353aedeadc33ce35eaadb875249d14 made active, old key retired
--
Ticket URL: <http://trac.opendnssec.org/ticket/65>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list