[Opendnssec-user] opendnssec signed zones
Matthijs Mekking
matthijs at nlnetlabs.nl
Tue Dec 11 11:33:09 UTC 2012
Hi Anders,
I don't see any signer logs. Is the signer daemon running?
Best regards,
Matthijs
On 12/11/2012 11:55 AM, Anders.Larsson at tieto.com wrote:
> Hi List!
>
> I have tested the deb package but did get get it work.. so I installed the src from the site and softhsm..
>
> It starts and reads the zone but it don't sign the zone? Or creates the file. I don't get any errors.
> Tried with 2 different zone's
>
> ns:~# ods-ksmutil update zonelist
> zonelist filename set to /etc/opendnssec/zonelist.xml.
> kasp filename set to /etc/opendnssec/kasp.xml.
> Zone jamten.se found
> Policy set to default.
> Zone jll.se found
> Policy set to default.
> Notifying enforcer of new database...
>
>
> ns:~# tail -f /var/log/messages
> Dec 11 11:48:18 ns ods-enforcerd: Config will be output to /var/opendnssec/signconf/jamten.se.xml.
> Dec 11 11:48:18 ns ods-enforcerd: WARNING: New KSK has reached the ready state; please submit the DS for jamten.se and use ods-ksmutil key ds-seen when the DS appears in the DNS.
> Dec 11 11:48:18 ns ods-enforcerd: No change to: /var/opendnssec/signconf/jamten.se.xml
> Dec 11 11:48:18 ns ods-enforcerd: Zone jll.se found.
> Dec 11 11:48:18 ns ods-enforcerd: Policy for jll.se set to default.
> Dec 11 11:48:18 ns ods-enforcerd: Config will be output to /var/opendnssec/signconf/jll.se.xml.
> Dec 11 11:48:18 ns ods-enforcerd: WARNING: New KSK has reached the ready state; please submit the DS for jll.se and use ods-ksmutil key ds-seen when the DS appears in the DNS.
> Dec 11 11:48:18 ns ods-enforcerd: No change to: /var/opendnssec/signconf/jll.se.xml
> Dec 11 11:48:18 ns ods-enforcerd: Disconnecting from Database...
> Dec 11 11:48:18 ns ods-enforcerd: Sleeping for 3600 seconds.
>
>
> ns:~# ods-ksmutil keys list
> Keys:
> Zone: Keytype: State: Date of next transition:
> jamten.se KSK ready waiting for ds-seen
> jamten.se ZSK active 2013-01-09 14:28:06
> jll.se KSK ready waiting for ds-seen
> jll.se ZSK active 2013-01-09 14:48:00
>
> Med vänliga hälsningar / Best regards / Ystävällisin terveisin / S pozdravem,
>
> //Anders Larsson
> Technical Security Specialist
>
> * Tieto, Managed Services and Transformation, MDZ Datacenter Services, MDN
> * Tredje Bassängvägen 2
> * SE-115 83 Stockholm
>
> * Visitors address: Fjärde Bassängvägen 15 www.tieto.com
>
>
> * Tel: +46 (0)10 481 02 20
> * Mobil: +46 (0)70 656 42 64
> * Mail: anders.larsson at tieto.com
> **********************************************
>
> ---- Debian is they way to salvation ----
>
> --- How Hard Can It Be ---
>
>
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20121211/ffdca518/attachment.bin>
More information about the Opendnssec-user
mailing list