[Opendnssec-user] Problems triggered by a zone removal in ODS 1.3.8.
Siôn Lloyd
sion at nominet.org.uk
Thu May 24 08:26:12 UTC 2012
On 24/05/12 09:03, Göran Bengtson wrote:
>
>
> 2 This is serious. Immediately after the ods-ksmutil update command
> is given ODS gets seriously confused about the keys in ANOTHER,
> remaining zone. A new ZSK key is generated, and the active ZSK
> dissapears (is not used anymore). ods-ksmutil key list
> only show the KSK key and the newly generated ZSK key (in publish
> state).
Could you send me (off list) your policy for these zones and the
zonelist so that I can recreate the issue? (I need to see things like
the shared keys flag and the number of zones on the policy.)
Also, is there a reason that you edit the zonelist manually rather than
running "ods-ksmutil zone delete"? This command will inform the signer
that the zonelist has changed.
Thank you.
Sion
More information about the Opendnssec-user
mailing list