[Opendnssec-user] Key (xxx) has gone straight to active use without a prepublished phase
Volker Janzen
voja at voja.de
Tue Aug 2 15:45:16 UTC 2011
Hi all,
today I noticed a problem in my OpenDNSSEC installation, which I don't
understand. I had expired signatures for many domains in OpenDNSSEC. I
was not able to figure out what might have caused this. I just found
this strange log entries, which I do not understand:
ods-auditor[7879]: Auditor started
ods-auditor[7879]: Auditor starting on <domain1>.de
ods-auditor[7882]: Auditor started
ods-auditor[7882]: Auditor starting on <domain2>.de
ods-auditor[7879]: SOA differs : from 2011080103 to 2011062380
ods-auditor[7879]: Auditing <domain1>.de zone : NSEC3 SIGNED
ods-auditor[7879]: Key (20188) has gone straight to active use without
a prepublished phase
ods-auditor[7879]: Finished auditing <domain1>.de zone
ods-auditor[7882]: SOA differs : from 2011080103 to 2011062378
ods-auditor[7882]: Auditing <domain2>.de zone : NSEC3 SIGNED
ods-auditor[7882]: Key (40336) has gone straight to active use without
a prepublished phase
ods-auditor[7882]: Finished auditing <domain2>.de zone
What might have cause this problem and how can I solve it now? The
signatures are expired and I can't see any attempt of the signer to
re-sign the zones.
Kind regards
Volker Janzen
More information about the Opendnssec-user
mailing list