[Opendnssec-user] after upgrading to 1.1.2: Error initializing libhsm

Gilles Massen gilles.massen at restena.lu
Wed Sep 8 08:38:34 UTC 2010


>> Isn't it possible to have opendnssec work with the available tokens, and
>> only fail where needed?
> 
> No, that is not possible - libhsm will try to connect to all configured HSMs at startup.

Ok - understandable. In that case I'd humbly suggest to look if the
errors could be less misleading: libhsm seems to mix the token names in
its messages.

Another example:

#bin/ods-hsmutil test keyper
Testing repository: keyper

Generating 512-bit RSA key...
answer.GetCall(KEYGEN2) failed; error 1208Failed
hsm_get_slot_id(): could not find token with the name My Token 1
[...]

'My Token 1' is a token associated with the repository 'softHSM', not
'keyper'. The fail is correct for the keyper, though (512 bit not
supported).

Best,
Gilles

-- 
Fondation RESTENA
6, rue Coudenhove-Kalergi
L-1359 Luxembourg
tel: (+352) 424409
fax: (+352) 422473



More information about the Opendnssec-user mailing list