[Opendnssec-user] opendnssec signed zones

Anders.Larsson at tieto.com Anders.Larsson at tieto.com
Tue Dec 11 11:42:55 UTC 2012 

Yes its runnin :)


Dec 11 12:37:40 ns ods-signerd: [worker[4]] read zone jll.se
Dec 11 12:37:40 ns ods-signerd: [adapter] read zone jll.se from file input adapter /var/opendnssec/unsigned/zone.jll.se
Dec 11 12:37:40 ns ods-signerd: [zone] zone jll.se set SOA TTL to 3600
Dec 11 12:37:40 ns ods-signerd: [zone] zone jll.se set SOA MINIMUM to 3600
Dec 11 12:37:40 ns ods-signerd: [tools] commit updates for zone jll.se
Dec 11 12:37:40 ns ods-signerd: [worker[4]] nsecify zone jll.se
Dec 11 12:37:40 ns ods-signerd: [worker[4]] sign zone jll.se
Dec 11 12:37:41 ns ods-signerd: [worker[4]] audit zone jll.se
Dec 11 12:37:41 ns ods-signerd: [worker[4]] backoff task [read] for zone jll.se with 3600 seconds
^C
ns:~# ps -ef | grep signer
root     15599     1  0 Dec10 ?        00:00:02 /usr/local/sbin/ods-signerd




Med vänliga hälsningar / Best regards / Ystävällisin terveisin / S pozdravem, 

//Anders Larsson
Technical Security Specialist

* Tieto, Managed Services and Transformation, MDZ Datacenter Services, MDN 
* Tredje Bassängvägen 2
* SE-115 83 Stockholm

* Visitors address: Fjärde Bassängvägen 15 www.tieto.com


* Tel:          +46 (0)10 481 02 20
* Mobil:    +46 (0)70 656 42 64
* Mail:         anders.larsson at tieto.com
**********************************************
  
  ---- Debian is they way to salvation ----
  
  ---  How Hard Can It Be ---


-----Original Message-----
From: Matthijs Mekking [mailto:matthijs at nlnetlabs.nl] 
Sent: den 11 december 2012 12:33
To: Larsson Anders
Cc: opendnssec-user at lists.opendnssec.org
Subject: Re: [Opendnssec-user] opendnssec signed zones

Hi Anders,

I don't see any signer logs. Is the signer daemon running?

Best regards,
Matthijs

On 12/11/2012 11:55 AM, Anders.Larsson at tieto.com wrote:
> Hi List!
> 
> I have  tested the deb package but did get get it work.. so I installed the src from the site and softhsm..
> 
> It starts and reads the zone but it don't sign the zone? Or creates the file. I don't get any errors.
> Tried with 2 different zone's
> 
> ns:~# ods-ksmutil update zonelist
> zonelist filename set to /etc/opendnssec/zonelist.xml.
> kasp filename set to /etc/opendnssec/kasp.xml.
> Zone jamten.se found
> Policy set to default.
> Zone jll.se found
> Policy set to default.
> Notifying enforcer of new database...
> 
> 
> ns:~# tail -f /var/log/messages
> Dec 11 11:48:18 ns ods-enforcerd: Config will be output to /var/opendnssec/signconf/jamten.se.xml.
> Dec 11 11:48:18 ns ods-enforcerd: WARNING: New KSK has reached the ready state; please submit the DS for jamten.se and use ods-ksmutil key ds-seen when the DS appears in the DNS.
> Dec 11 11:48:18 ns ods-enforcerd: No change to: /var/opendnssec/signconf/jamten.se.xml
> Dec 11 11:48:18 ns ods-enforcerd: Zone jll.se found.
> Dec 11 11:48:18 ns ods-enforcerd: Policy for jll.se set to default.
> Dec 11 11:48:18 ns ods-enforcerd: Config will be output to /var/opendnssec/signconf/jll.se.xml.
> Dec 11 11:48:18 ns ods-enforcerd: WARNING: New KSK has reached the ready state; please submit the DS for jll.se and use ods-ksmutil key ds-seen when the DS appears in the DNS.
> Dec 11 11:48:18 ns ods-enforcerd: No change to: /var/opendnssec/signconf/jll.se.xml
> Dec 11 11:48:18 ns ods-enforcerd: Disconnecting from Database...
> Dec 11 11:48:18 ns ods-enforcerd: Sleeping for 3600 seconds.
> 
> 
> ns:~# ods-ksmutil keys list
> Keys:
> Zone:                           Keytype:      State:    Date of next transition:
> jamten.se                       KSK           ready     waiting for ds-seen       
> jamten.se                       ZSK           active    2013-01-09 14:28:06       
> jll.se                          KSK           ready     waiting for ds-seen       
> jll.se                          ZSK           active    2013-01-09 14:48:00    
> 
> Med vänliga hälsningar / Best regards / Ystävällisin terveisin / S pozdravem, 
> 
> //Anders Larsson
> Technical Security Specialist
> 
> * Tieto, Managed Services and Transformation, MDZ Datacenter Services, MDN 
> * Tredje Bassängvägen 2
> * SE-115 83 Stockholm
> 
> * Visitors address: Fjärde Bassängvägen 15 www.tieto.com
> 
> 
> * Tel:          +46 (0)10 481 02 20
> * Mobil:    +46 (0)70 656 42 64
> * Mail:         anders.larsson at tieto.com
> **********************************************
>   
>   ---- Debian is they way to salvation ----
>   
>   ---  How Hard Can It Be ---
> 
> 
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>

More information about the Opendnssec-user mailing list