[Opendnssec-user] adding a zone
Rickard Bellgrim
rickard.bellgrim at iis.se
Mon Nov 29 12:48:04 UTC 2010
On 26 nov 2010, at 19.15, Pierre LEBRECH wrote:
> when I add a zone, I use the command "ods-ksmutil". Then, I send a HUP signal to enforcerd to let it create
> the XML signconf for the new zone. Then, a HUP signal to ods-signerd fetch the new zone and sign it.
>
> The problem with this process is that all zones are scanned and fetched, just because I add a single zone.
>
> So, my question : Is there an easy way to add a zone, get the zone signed, without scanning all the zones?
We now have a command "ods-ksmutil notify" (which uses the HUP signal) that wake the Enforcer up and process your change.
Once the Enforcer have updated the signconf for that zone, then it will call "ods-signer update <zone>". So there is no need to tell the Signer Engine to sign this new zone.
How do you HUP the signer?
// Rickard
More information about the Opendnssec-user
mailing list