[Opendnssec-user] Not enough keys to satisfy ksk policy for zone
matthijs at NLnetLabs.nl
Mon Jun 28 06:50:16 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
This bug has been reported and it is in our internal project tracker.
We are working on a better integration between the bug report system and
our internal tracker.
The issue 'P2Y6M' I was not aware off. It seems like a the code does
document a known issue that it cannot handle mixed formats. I agree that
this is confusing and I'll add a ticket to our internal tracker for this.
Thanks for reporting!
On 06/26/2010 04:27 PM, Volker Janzen wrote:
> Hi Matthijs,
>> Yes this is a bug. In the meantime, you can create some more keys
>> manually with:
>> # ods-ksmutil key generate --policy <name> --interval <duration>
>> That should work.
> this worked. Has the bug been reported before? I didn't find it in trac.
> I found another issue in the man page. It shows "P2Y6M" as example for
> the duration. Using this returns:
> epun:~# ods-ksmutil key generate --policy default --interval P2Y6M
> SQLite database set to: /var/lib/opendnssec/db/kasp.db
> Key sharing is Off
> Error: unable to convert Interval P2Y6M to seconds, error: unable to
> translate string.
> Why does this not work? Found it a bit confusing when using an example
> from man page, which is not working.
> Best regards,
> Volker Janzen
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Opendnssec-user