[Opendnssec-user] signer setup fails with more than 10 key repositories

Simon Mittelberger simon.mittelberger at united-domains.de
Fri Jan 14 12:57:13 UTC 2011

Am Freitag, den 14.01.2011, 09:33 +0100 schrieb Jakob Schlyter: 
> On 10 jan 2011, at 10.50, Simon Mittelberger wrote:
> > We increased the constant HSM_MAX_SESSIONS to 100 and run a test over
> > the weekend with 20 policies/repositories. It worked without errors.
> Now that 1.2 has been released, I've increased HSM_MAX_SESSIONS to 100 in trunk. We will look into this further before release of 1.3.

Thank you very much.

In the meantime we extended our tests to 50 policies/repositories. It is
running since 4 days with 1500 zones (KSK lifetime: 2 days, ZSK
lifetime: 1 day). This morning we came across the problem, that some
zones were stuck at the beginning of the ksk rollover since yesterday
evening, but this could have been a cause of the experimental standby
keys. However, by helping out with manual rollovers, we are now back to

A big compliment to all of you for developing such great software. Keep
up the good work.

All the best,

More information about the Opendnssec-user mailing list