[Opendnssec-user] 'Error allocating ksks' problem
Björn Hansson
hansson at netera.se
Wed Jun 2 13:47:21 UTC 2010
Hello!
I just tried to set up a new and fresh version of OpenDNSSEC, to try out
the newer versions. I'm running 1.1.0, and SoftHSM 1.1.4, using the
default settings, except the fact that I use datecounter instead of
unixtimestamp as serial.
I was able to add 11 zones, all of the them small (maximum 100 RR/zone),
and then the problem below arrised. The first zones are signed correctly.
Have you heard about this problem before? If not, what can I provide for
you to be able to help me with this issue?
The host is running Fedora 12 and the ods-enforcerd has been ran several
times with the same error, so unfortunately it will not be able to
create the keys on its next run.
Jun 2 15:38:01 xen02 ods-enforcerd: Zone zonesec07.se found.
Jun 2 15:38:01 xen02 ods-enforcerd: Policy for zonesec07.se set to default.
Jun 2 15:38:01 xen02 ods-enforcerd: Config will be output to
/var/opendnssec/signconf/zonesec07.se.xml.
Jun 2 15:38:01 xen02 ods-enforcerd: Not enough keys to satisfy ksk
policy for zone: zonesec07.se
Jun 2 15:38:01 xen02 ods-enforcerd: ods-enforcerd will create some more
keys on its next run
Jun 2 15:38:01 xen02 ods-enforcerd: Error allocating ksks to zone
zonesec07.se
Jun 2 15:38:01 xen02 ods-enforcerd: Disconnecting from Database...
Jun 2 15:38:01 xen02 ods-enforcerd: Sleeping for 3600 seconds.
Best regards,
Björn Hansson
More information about the Opendnssec-user
mailing list