[Opendnssec-user]Zone XX Not Found

Jerry Lundström jerry at opendnssec.org
Mon Oct 15 08:41:41 UTC 2012


Hi,

On Oct 15, 2012, at 10:31 , wfXLtg== wrote:

> I'm testing 1.4.0b1, I got a problem that my newly added zones were imported successfully and after updating zonelist I could see them by 'ods-ksmutil key list', but ods-signerd 
> complained 'Zone XX not found'.
> 
> [gtld at CST-BJ-104 unsigned]$ /home/gtld/software/OpenDNSSEC-1.4b1/bin/ods-ksmutil key list -v
> MySQL database schema set to: KASP
> MySQL database user set to: kaspuser
> MySQL database password set
> Keys:
> Zone:                           Keytype:      State:    Date of next transition (to):  Size:   Algorithm:  CKA_ID:                           Repository:                       Keytag:
> test3.com.cn                    ZSK           active    2013-01-13 16:20:45 (retire)   1024    8           3dc5b727a7d22d3c478bec29afb419c6  SoftHSM                           48366
> test3.com.cn                    KSK           publish   2012-10-16 06:20:45 (ready)    2048    8           4e1731a3b875a3bb6370b549f7ee1f6f  SoftHSM                           39667
> 
> [gtld at CST-BJ-104 tmp]$ /home/gtld/software/OpenDNSSEC-1.4b1/sbin/ods-signer sign test3.com.cn
> Zone test3.com.cn not found.


After you add a zone the Enforcer needs to run and generate the signer configurations and then the Signer needs to read the new zonelist and the new zones signer configuration.

Check your syslog for the generation of the signer configuration by the Enforcer, if it didn't happen you can HUP the Enforcer to force it to check all zones again and generate the signer configuration.

Then check that the Signer reads the signer configuration, if it didn't happen you can issue 'ods-signer update --all'.

--
Jerry Lundström - OpenDNSSEC Developer
http://www.opendnssec.org/




More information about the Opendnssec-user mailing list