[Opendnssec-user] Repository softHSM is full
Bjorn Hansson
hansson at netera.se
Mon Oct 12 18:02:16 UTC 2009
Hi!
Thanks for your very quick reply!
> There was a bug between r2203 and 2207 which meant that repositories
> defined (in conf.xml) without a capacity would always look full.
> [...]
> 1) purge dead keys from the system using "ods-ksmutil key purge --policy
> <policy>"
Purging the keys solved my immediate problem, and the signing process
could go on.
However, I don't have a capacity tag in the conf.xml (actually I do, but
it's commented out). Compared to the conf.xml.sample, I have only
changed <NotifyCommand> in my conf.xml, so my softHSM should already be
"unlimited" if I understand things correctly. Can I check if my softHSM
is "unlimited" in some way?
Another problem, maybe related to the above, when sent a command to sign
a zone, it is actually signed, but not copied to my output directory. I
can however find the sign file in the temp directory. If I manually copy
the signed file from the tmp directory to my output directory, bind
accepts it. It seems the auditor fails for some reason, please see the
attached file for details. I'll be happy to provide more information
about my system if you need.
Best regards,
Björn
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ods_fail_cdpris_se_20091012.txt
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20091012/ea6f8fb4/attachment.txt>
More information about the Opendnssec-user
mailing list