[Opendnssec-user] opendnssec on Ubuntu 10.04 32bit
Bryton
bryton at tznic.or.tz
Fri Jul 1 08:47:23 UTC 2011
Thanks Ondrej,Everything is running now.
After everything running smoothly i followed the documentation and i
don't understand few things.
1:I have saved the zone I want to sing to the unsigned source as the
configs say and I was hoping ods-signer could sign it and I get the
signed zone in the signed directory but I don't get anything.Further to
this I decided to do *ods-signer sign tz* and I got *Zone tz scheduled
for immediate re-sign.* why does it saying it immediately and I went to
the signed directory nothing there.
2:I hope now that all config are ok to get the DS so that I can publish
to the parent How do i get this.
3:I did the bellow command and see the list bellow:-
*root at ubuntu-serv-dnssec:/var/lib# ods-ksmutil key list --verbose --zone tz
SQLite database set to: /var/lib/opendnssec/db/kasp.db
Keys:
Zone: Keytype: State: Date of next
transition: CKA_ID:
Repository: Keytag:
tz KSK publish 2011-07-02
01:04:24 2861479296b2cb6ed0f884a479b5e99d
SoftHSM 40949
tz ZSK active 2011-07-31
11:04:24 880a44b2e853db6a26368ecdf292898d
SoftHSM 48528
*Wat is the DATE OF NEXT TRANSITION.I was hoping it to be *2012-07-02
01:04:24 *(Meaning its after 1 year for KSK ) ZSK is ok i think.
KIndly assist as I am trying to get to know these things better.
Bryton.
On 06/30/2011 06:06 PM, Ondřej Surý wrote:
> I guess I need to add this README.Debian to opendnssec-signer as well:
>
> If you are going to use softhsm, you need to allow opendnssec user
> to access /var/lib/softhsm (or another place where you keep your
> softHSM database). On standard debian system, it should be sufficient
> to add opendnssec user to softhsm group by issuing:
>
> # adduser opendnssec softhsm
>
>
> On Thu, Jun 30, 2011 at 17:04, Bryton<bryton at tznic.or.tz> wrote:
>>
>> Starting enforcer...
>> OpenDNSSEC ods-enforcerd started (version 1.2.1), pid 1982
>> Starting signer engine...
>> Starting signer...
>> OpenDNSSEC signer engine version 1.2.1
>> SoftHSM: Could not open the config file: /etc/softhsm/softhsm.conf
>> Could not start signer
>>
>>
>> It seems the error of libxml is gone after removing it from /usr/local/lib
>> but stil signer could not start
>>
>>
>>
>>
>> On 06/30/2011 05:53 PM, Ondřej Surý wrote:
>>> Well, I would suggest removing the libxml2 from /usr/local/lib and use
>>> packaged version unless you explicitly need something not in the
>>> package.
>>>
>>> Mixing packaged libraries with /usr/local/lib never plays well.
>>>
>>> O.
>>>
>>> On Thu, Jun 30, 2011 at 16:51, Rickard Bellgrim<rickard at opendnssec.org>
>>> wrote:
>>>> On Thu, Jun 30, 2011 at 4:44 PM, Bryton<bryton at tznic.or.tz> wrote:
>>>>> /usr/sbin/ods-signerd: /usr/local/lib/libxml2.so.2: no version
>>>>> information
>>>>> available (required by /usr/sbin/ods-signerd)
>>>> Try rebuilding the dynamic linker cache.
>>>>
>>>> sudo ldconfig
>>>>
>>>> // Rickard
>>>> _______________________________________________
>>>> Opendnssec-user mailing list
>>>> Opendnssec-user at lists.opendnssec.org
>>>> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>>>>
>>>
>>
>> --
>> Regards,
>> Bryton.
>>
>>
>
>
--
Regards,
Bryton.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20110701/e51fb113/attachment.htm>
More information about the Opendnssec-user
mailing list