[Opendnssec-user] key management bug / operator error

Rickard Bellgrim rickard at opendnssec.org
Tue Jan 17 07:38:17 UTC 2012

> I guess this is not really a bug, though there is some state mismatch
> between HSM and opendnssec. Perhaps in a later version with some
> architecture change, the ksm/ksm could be better integrated so these
> types of state mismatch would not happen anymore?

Sion has implemented a "ods-ksmutil key delete" command in trunk which
will be part of the 1.4 release. The best way is to delete a key using
the Enforcer, so it also can remove the corresponding state.

// Rickard

More information about the Opendnssec-user mailing list