[Opendnssec-user] Retired keys
Marco Davids (SIDN)
marco.davids at sidn.nl
Wed Jul 7 06:08:46 UTC 2010
For testing pruposes I configured a setup with very short rollover
periods. Everything seems to work fine; new zonefile every 15 minutes,
new ZSK every two hours or so.
However, in spite of short timing-settings, the number of retired ZSK's
is increasing, because their next transition time is always one week
ahead, no matter what I try to shorten this.
I fiddled around with a number of options, in particular the
RetireSafety setting, but so far without luck.
What am I missing here?
More information about the Opendnssec-user