[Opendnssec-user] 'Error allocating ksks' problem
Björn Hansson
hansson at netera.se
Wed Jun 2 15:22:37 UTC 2010
> Is anything logged when the enforcer tries to generate keys?
This is my log from ods-enforcerd:
Jun 2 17:19:22 xen02 ods-enforcerd: Reading config
"/etc/opendnssec/conf.xml"
Jun 2 17:19:22 xen02 ods-enforcerd: Reading config schema
"/usr/local/share/opendnssec/conf.rng"
Jun 2 17:19:22 xen02 ods-enforcerd: Communication Interval: 3600
Jun 2 17:19:22 xen02 ods-enforcerd: No DS Submit command supplied
Jun 2 17:19:22 xen02 ods-enforcerd: SQLite database set to:
/var/opendnssec/kasp.db
Jun 2 17:19:22 xen02 ods-enforcerd: Log User set to: local0
Jun 2 17:19:22 xen02 ods-enforcerd: Switched log facility to: local0
Jun 2 17:19:22 xen02 ods-enforcerd: Connecting to Database...
Jun 2 17:19:22 xen02 ods-enforcerd: Policy default found.
Jun 2 17:19:22 xen02 ods-enforcerd: Key sharing is Off.
[No change to: xxx.xml (for my 10 working zones]
Jun 2 17:19:24 xen02 ods-enforcerd: Zone zonesec07.se found.
Jun 2 17:19:24 xen02 ods-enforcerd: Policy for zonesec07.se set to default.
Jun 2 17:19:24 xen02 ods-enforcerd: Config will be output to
/var/opendnssec/signconf/zonesec07.se.xml.
Jun 2 17:19:24 xen02 ods-enforcerd: Not enough keys to satisfy ksk
policy for zone: zonesec07.se
Jun 2 17:19:24 xen02 ods-enforcerd: ods-enforcerd will create some more
keys on its next run
Jun 2 17:19:24 xen02 ods-enforcerd: Error allocating ksks to zone
zonesec07.se
Jun 2 17:19:24 xen02 ods-enforcerd: Disconnecting from Database...
Jun 2 17:19:24 xen02 ods-enforcerd: Sleeping for 3600 seconds.
Regards,
Björn
More information about the Opendnssec-user
mailing list