[Opendnssec-user] Glitches when running opendnssec for the first time
Jakob Schlyter
jakob at kirei.se
Wed Sep 9 09:20:16 UTC 2009
On 9 sep 2009, at 07.25, Sebastian Castro wrote:
> Anyway, I started from scratch and found a few glitches on the new
> setup.
>
> * Documentation suggests to run signer_engine, then keygend and the
> communicated (although is order is not mandatory). When you run for
> the
> fist time, signer_engine fails because the configuration files for the
> zones (signconf/*.xml) are not present. Once communicated starts,
> notifies signer_engine the conf files are updated and force it to run.
>
> * If the option RequireBackup is specified in the conf.xml for a
> repository, then you need to run "ksmutil backup done repository_name"
> before starting communicated, if not it will fail with a "ERROR:
> Trying
> to make non-backed up KSK active when RequireBackup flag is set"
> message.
>
> * If the Module parameter of a Repository points to a file that
> doesn't
> exists, keygend fails with a very cryptic message: "Load functions:
> CKR_FUNCTION_FAILED"
thank you sebastian - I've added the glitches above to our (internal)
issue-tracker.
jakob
More information about the Opendnssec-user
mailing list