[Opendnssec-develop] updating policies

Patrik Wallstrom patrik.wallstrom at iis.se
Fri Jul 24 08:47:03 UTC 2009


I am trying the ksmutil update command. What I did was to update the  
kasp.xml file and added a new policy called newpolicy with just a  
small change, making the KSK 4096 bits.

mask$~>sudo ksmutil update
SQLite database set to: /var/opendnssec/kasp.db
Repository softHSM found
No Maximum Capacity set.
zonelist filename set to /etc/opendnssec/zonelist.xml.
Policy default found
Error: unable to insert policy default; skipping
Policy newpolicy found
Error: unable to get policy id for newpolicy; skipping
Failed to update policies

The database I am using was setup a couple of weeks ago, but the code  
is the latest from svn. All signing works. So has the database  
changed? This is supposed to work, right?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://lists.opendnssec.org/pipermail/opendnssec-develop/attachments/20090724/9392424e/attachment.bin>


More information about the Opendnssec-develop mailing list