[Opendnssec-user] signer setup fails with more than 10 key repositories
Simon Mittelberger
simon.mittelberger at united-domains.de
Fri Jan 14 12:57:13 UTC 2011
Am Freitag, den 14.01.2011, 09:33 +0100 schrieb Jakob Schlyter:
> On 10 jan 2011, at 10.50, Simon Mittelberger wrote:
>
> > We increased the constant HSM_MAX_SESSIONS to 100 and run a test over
> > the weekend with 20 policies/repositories. It worked without errors.
>
> Now that 1.2 has been released, I've increased HSM_MAX_SESSIONS to 100 in trunk. We will look into this further before release of 1.3.
Thank you very much.
In the meantime we extended our tests to 50 policies/repositories. It is
running since 4 days with 1500 zones (KSK lifetime: 2 days, ZSK
lifetime: 1 day). This morning we came across the problem, that some
zones were stuck at the beginning of the ksk rollover since yesterday
evening, but this could have been a cause of the experimental standby
keys. However, by helping out with manual rollovers, we are now back to
normal.
A big compliment to all of you for developing such great software. Keep
up the good work.
All the best,
Simon
More information about the Opendnssec-user
mailing list