[Opendnssec-develop] [OpenDNSSEC] #97: How to see the GENERATED keys?

OpenDNSSEC owner-dnssec-trac at kirei.se
Wed Feb 10 09:30:51 UTC 2010 

#97: How to see the GENERATED keys?
---------------------------------------------------------------+------------
Reporter:  Stéphane Bortzmeyer <bortzmeyer+opendnssec@…>       |       Owner:  sion    
    Type:  defect                                              |      Status:  new     
Priority:  major                                               |   Component:  Enforcer
 Version:  1.0.0                                               |    Keywords:          
---------------------------------------------------------------+------------
 I can generate keys in advance:

 {{{
 % sudo ods-ksmutil key generate --policy test --interval 3D --verbose
 SQLite database set to: /var/opendnssec/kasp.db
 Key sharing is Off
 HSM opened successfully.
 Created key in repository softHSM
 Created ZSK size: 1024, alg: 8 with id: a839acc3dd48945e47b8ab9dbb930843
 in repository: softHSM and database.
 all done! hsm_close result: 0
 }}}

 Running it twice generates no keys the next time, which makes sense.

 But this key a839acc3dd48945e47b8ab9dbb930843 does not appear in the list:

 {{{
 % sudo ods-ksmutil key list --verbose --all
 SQLite database set to: /var/opendnssec/kasp.db
 Keys:
 Zone:                           Keytype:      State:    Date of next
 transition:  CKA_ID:                           Repository:
 Keytag:
 bortzmeyer.fr                   KSK           active    2010-02-05
 15:40:41       e6f23e17fda9693e2ba3dc5a79cad1d8  softHSM
 53691
 bortzmeyer.fr                   KSK           ready     next rollover
 1c4d8e9a6e616f09ef66cd3b140e0179  softHSM                           48468
 bortzmeyer.fr                   KSK           ready     next rollover
 c62686f986b46df14d6bbd58a0d383a1  softHSM                           65117
 bortzmeyer.fr                   ZSK           active    2010-02-10
 16:09:10       1d117886e98f80b3dd8516d9a975c877  softHSM
 24243
 bortzmeyer.fr                   ZSK           ready     next rollover
 980d24646af64877ac20aa051b4d29cb  softHSM                           48961
 fr                              KSK           active    2010-08-07
 15:40:41       804f8d743a0e4bcd98d7ce0d4eba4519  softHSM
 53478
 fr                              KSK           ready     next rollover
 bd5602eb87c58af57cd54faf5222c75e  softHSM                           52185
 fr                              ZSK           active    2010-03-04
 15:40:41       5f64166ae2394afa1b17d21839c503e8  softHSM
 50714
 fr                              ZSK           ready     next rollover
 a4aa0e76caceaab4744638f1a15486b5  softHSM                           59717
 }}}

-- 
Ticket URL: <http://trac.opendnssec.org/ticket/97>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC

More information about the Opendnssec-develop mailing list