[Opendnssec-user] signer setup fails with more than 10 key repositories

Jakob Schlyter jakob at kirei.se
Mon Jan 10 09:11:30 UTC 2011

On 7 jan 2011, at 14.32, Sion Lloyd wrote:

> libhsm.h contains the following line:
> #define HSM_MAX_SESSIONS 10
> Which probably goes some way to explaining it. I'm not sure that this can just 
> be raised though as:
> 1) I don't know why it is set to 10 in the first place

"more than 10 HSM:s will be enough for everyone" ;-)

> 2) There may be some assumptions that it is 10 in other places. (I know that 
> there shouldn't be, but I have not checked for it.)

I do not believe so and I see no problem bumping this to something considerable higher - would 1000 be enough as a start (i.e., before we make this more dynamic)?


Jakob Schlyter
Kirei AB - www.kirei.se

More information about the Opendnssec-user mailing list