[Opendnssec-user] Reinstalling opendnssec on new server

Bas van den Dikkenberg bas at dikkenberg.net
Wed Jan 25 10:59:00 UTC 2012


Its curently 64 bit en wil stay 64 bit.

Thanks for the howto

-----Oorspronkelijk bericht-----
Van: Ondřej Surý [mailto:ondrej at sury.org] 
Verzonden: woensdag 25 januari 2012 11:47
Aan: lis-unix at uvt.nl
CC: Bas van den Dikkenberg; opendnssec-user at lists.opendnssec.org
Onderwerp: Re: [Opendnssec-user] Reinstalling opendnssec on new server

On Wed, Jan 25, 2012 at 11:10, Casper Gielen <c.gielen at uvt.nl> wrote:
> Op 24-01-12 22:34, Bas van den Dikkenberg schreef:
>> Can some one telme what is the correct procedure to reinstall 
>> opendnssec on a new server with losing keys, and have to do key rol overs?
>
> I've never done so, but I think that just copying everything over 
> should do the trick.

Well, if you have softhsm you need to export/import if you the new architecture has different number of bits. See the recent discussion on the list...

> If you have a (hardware) HSM you'll obviously need to move that as 
> well.
>
> - move the HSM

For softhsm also copy:
/etc/softhsm
/var/lib/softhsm
(adjust paths according to your setup)

> - move the data (/var/lib/opendnssec/) (could also be MySQL).
> - move the configuration (/etc/opendnssec/)

Just tested that myself and with exception of the integer-width glitch, it worked like a charm.

O.
--
Ondřej Surý <ondrej at sury.org>


More information about the Opendnssec-user mailing list