[Opendnssec-user] Problem with ods-signer - 1.3.6
denethorr
denethorr at o2.pl
Fri Mar 9 18:59:16 UTC 2012
Hello list!
I have a problem with opendnssec after upgrade to 1.3.6 on Debian
Wheezy. For testing purposes, after upgrade, i've started with
"ods-ksmutil setup" command to start with clean configuration.
The problem is with the ods-signer:
Mar 9 19:36:55 dns-hidden ods-signerd: [rrset] skipping key
1bae67eab87b8d20540a87b047f5eac6 for signing RRset[1]: no active ZSK
Mar 9 19:36:55 dns-hidden ods-signerd: [rrset] skipping key
4641f3444cdcf5ef6b8499c7e6699780 for signing: RRset[1] already has
signature with same algorithm
but:
root at dns-hidden:/etc/bind/zones# ods-ksmutil key list
Keys:
Zone: Keytype: State: Date of next
transition:
xxx.com ZSK active 2012-04-07
09:14:40
xxx.com KSK active 2013-03-09 10:11:04
root at dns-hidden:/etc/bind/zones# ods-hsmutil list
Listing keys in all repositories.
2 keys found.
Repository ID Type
---------- -- ----
SoftHSM 1bae67eab87b8d20540a87b047f5eac6 RSA/2048
SoftHSM 4641f3444cdcf5ef6b8499c7e6699780 RSA/2048
Btw. my zone is not signed. Any idea?
Best Regards
Jan
More information about the Opendnssec-user
mailing list