[Opendnssec-user] "error creating RRSIG" because of retired and purged ZSK
pol at leissner.se
Mon Oct 24 12:59:10 UTC 2011
On Mon, Oct 24, 2011 at 01:05:16PM +0200, Mathieu Arnold wrote:
> +--On 24 octobre 2011 11:56:41 +0100 Siôn Lloyd <sion at nominet.org.uk>
> |> Here is xxx.se.sc:
> |> ;ODSSE1
> |> ;name: xxx.se
> |> ;filename: /usr/local/var/opendnssec/signconf/xxx.se.xml
> |> ;last_modified: 1315781548
> | If the date here is correct it indicates that the file has not been
> | updated since 11 September 2011 (22:52:28)...
> | Is there anything in the enforcer logs that might indicate why this is
> | the case?
> I've had this problem too, on FreeBSD, when the enforcer has no tty
> associated, it launches ods-signer update <zone>, but it has no effect
> whatsoever. (So I have it running in a screen.)
> Here, the first does not do anything, and the second works :
> # ods-signer update mat.cc < /dev/null
> # ods-signer update mat.cc
> Zone mat.cc config being updated.
One final question, which version of opendnssec do you run?
I run 1.2.1, just wondering if upgrading to 1.3.2 might solve
this update problem.
Peter Olsson pol at leissner.se
CCIE #8963 R&S, Security +46 520 500511
Leissner Data AB +46 701 809511
More information about the Opendnssec-user