[Opendnssec-user] opendnssec on Ubuntu 10.04 32bit
Bryton
bryton at tznic.or.tz
Mon Jul 4 07:58:53 UTC 2011
Here are the logs
Jul 4 10:57:41 ubuntu-serv-dnssec ods-signerd: unable to open file
/var/lib/opendnssec/signconf/tz.xml for reading: No such file or directory
Jul 4 10:57:41 ubuntu-serv-dnssec ods-signerd: unable to open file
/var/lib/opendnssec/signconf/tz.xml for reading: No such file or directory
Jul 4 10:57:41 ubuntu-serv-dnssec ods-signerd: zone tz has policy
default configured, but has no (valid) signconf file
Jul 4 10:57:41 ubuntu-serv-dnssec ods-enforcerd: Key sharing is Off.
Jul 4 10:57:42 ubuntu-serv-dnssec ods-enforcerd: Error creating key in
repository SoftHSM
Jul 4 10:57:42 ubuntu-serv-dnssec ods-enforcerd: generate key pair:
CKR_GENERAL_ERROR
Hi,
I did *ods-control start* and watch the logs at the same time.I noticed
that the key is not created.and further to that I noticed that there is
not tz.xml in signconf directory.My question is when is this file
created and what are the contents.I decided to do a touch tz.xml the
file was created but when doing ods-control start it tells me that the
file is empty and expective < tag meaning that is supposed to have contents.
On 07/01/2011 12:31 PM, Rickard Bellgrim wrote:
> On Fri, Jul 1, 2011 at 11:29 AM, Rickard Bellgrim
> <rickard at opendnssec.org> wrote:
>> The zone will be signed before the KSK is considered to be active. It
>> is just that the DNSKEY+RRSIG must propagate before you can send up
>> the DS to the parent zone.
> And in your test environment you can just skip sending the DS and just
> give the ds-seen command straight away.
>
> // Rickard
--
Regards,
Bryton.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20110704/32c41a4c/attachment.htm>
More information about the Opendnssec-user
mailing list