[Opendnssec-user] Reinstalling opendnssec on new server
Ondřej Surý
ondrej at sury.org
Wed Jan 25 10:46:36 UTC 2012
On Wed, Jan 25, 2012 at 11:10, Casper Gielen <c.gielen at uvt.nl> wrote:
> Op 24-01-12 22:34, Bas van den Dikkenberg schreef:
>> Can some one telme what is the correct procedure to reinstall opendnssec
>> on a new server with losing keys, and have to do key rol overs?
>
> I've never done so, but I think that just copying everything over should
> do the trick.
Well, if you have softhsm you need to export/import if you the new architecture
has different number of bits. See the recent discussion on the list...
> If you have a (hardware) HSM you'll obviously need to move
> that as well.
>
> - move the HSM
For softhsm also copy:
/etc/softhsm
/var/lib/softhsm
(adjust paths according to your setup)
> - move the data (/var/lib/opendnssec/) (could also be MySQL).
> - move the configuration (/etc/opendnssec/)
Just tested that myself and with exception of the integer-width
glitch, it worked like a charm.
O.
--
Ondřej Surý <ondrej at sury.org>
More information about the Opendnssec-user
mailing list