[Opendnssec-user] opendnssec on Ubuntu 10.04 32bit
bryton at tznic.or.tz
Fri Jul 1 08:47:23 UTC 2011
Thanks Ondrej,Everything is running now.
After everything running smoothly i followed the documentation and i
don't understand few things.
1:I have saved the zone I want to sing to the unsigned source as the
configs say and I was hoping ods-signer could sign it and I get the
signed zone in the signed directory but I don't get anything.Further to
this I decided to do *ods-signer sign tz* and I got *Zone tz scheduled
for immediate re-sign.* why does it saying it immediately and I went to
the signed directory nothing there.
2:I hope now that all config are ok to get the DS so that I can publish
to the parent How do i get this.
3:I did the bellow command and see the list bellow:-
*root at ubuntu-serv-dnssec:/var/lib# ods-ksmutil key list --verbose --zone tz
SQLite database set to: /var/lib/opendnssec/db/kasp.db
Zone: Keytype: State: Date of next
tz KSK publish 2011-07-02
tz ZSK active 2011-07-31
*Wat is the DATE OF NEXT TRANSITION.I was hoping it to be *2012-07-02
01:04:24 *(Meaning its after 1 year for KSK ) ZSK is ok i think.
KIndly assist as I am trying to get to know these things better.
On 06/30/2011 06:06 PM, Ondřej Surý wrote:
> I guess I need to add this README.Debian to opendnssec-signer as well:
> If you are going to use softhsm, you need to allow opendnssec user
> to access /var/lib/softhsm (or another place where you keep your
> softHSM database). On standard debian system, it should be sufficient
> to add opendnssec user to softhsm group by issuing:
> # adduser opendnssec softhsm
> On Thu, Jun 30, 2011 at 17:04, Bryton<bryton at tznic.or.tz> wrote:
>> Starting enforcer...
>> OpenDNSSEC ods-enforcerd started (version 1.2.1), pid 1982
>> Starting signer engine...
>> Starting signer...
>> OpenDNSSEC signer engine version 1.2.1
>> SoftHSM: Could not open the config file: /etc/softhsm/softhsm.conf
>> Could not start signer
>> It seems the error of libxml is gone after removing it from /usr/local/lib
>> but stil signer could not start
>> On 06/30/2011 05:53 PM, Ondřej Surý wrote:
>>> Well, I would suggest removing the libxml2 from /usr/local/lib and use
>>> packaged version unless you explicitly need something not in the
>>> Mixing packaged libraries with /usr/local/lib never plays well.
>>> On Thu, Jun 30, 2011 at 16:51, Rickard Bellgrim<rickard at opendnssec.org>
>>>> On Thu, Jun 30, 2011 at 4:44 PM, Bryton<bryton at tznic.or.tz> wrote:
>>>>> /usr/sbin/ods-signerd: /usr/local/lib/libxml2.so.2: no version
>>>>> available (required by /usr/sbin/ods-signerd)
>>>> Try rebuilding the dynamic linker cache.
>>>> sudo ldconfig
>>>> // Rickard
>>>> Opendnssec-user mailing list
>>>> Opendnssec-user at lists.opendnssec.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Opendnssec-user