[Opendnssec-user] Error creating key in repository SoftHSM

Gross Claude claude.gross at renater.fr
Thu Feb 14 10:43:57 UTC 2013 

Hi


For testing purposes, I have installed openDNSSEC (opendnssec-1.4.0-0.2.b1.el6.x86_64) on CentOS release 6.3 (Final).
I want to use a softHSM repository :

		<Repository name="SoftHSM">
			<Module>/usr/lib64/softhsm/libsofthsm.so</Module>
			<TokenLabel>OpenDNSSEC</TokenLabel>
			<PIN>1234</PIN>
		</Repository>


When I start the service with  "ods-control start" I have the following error :
____________________
Feb 14 11:38:48 pre-dnssec ods-enforcerd: opendnssec starting...
Feb 14 11:38:48 pre-dnssec ods-enforcerd: opendnssec Parent exiting...
Feb 14 11:38:48 pre-dnssec ods-enforcerd: opendnssec forked OK...
Feb 14 11:38:48 pre-dnssec ods-enforcerd: group set to: ods (496)
Feb 14 11:38:48 pre-dnssec ods-enforcerd: user set to: ods (496)
Feb 14 11:38:48 pre-dnssec ods-enforcerd: opendnssec started (version 1.4.0b1), pid 29752
Feb 14 11:38:48 pre-dnssec ods-enforcerd: HSM opened successfully.
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Checking database connection...
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Database connection ok.
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Reading config "/etc/opendnssec/conf.xml"
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Reading config schema "/usr/share/opendnssec/conf.rng"
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Wrong database backend for enforcer workers, forcing single thread operation
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Communication Interval: 3600
Feb 14 11:38:49 pre-dnssec ods-enforcerd: No DS Submit command supplied
Feb 14 11:38:49 pre-dnssec ods-enforcerd: SQLite database set to: /var/opendnssec/kasp.db
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Log User set to: local0
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Switched log facility to: local0
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Connecting to Database...
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Policy default found.
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Key sharing is Off.
Feb 14 11:38:49 pre-dnssec ods-enforcerd: Error creating key in repository SoftHSM
Feb 14 11:38:49 pre-dnssec ods-enforcerd: generate key pair: CKR_GENERAL_ERROR
____________________

When I test with "ods-hsmutil test SoftHSM -v" :

____________________
Testing repository: SoftHSM

Generating 512-bit RSA key... OK
Extracting key identifier... OK, e1ef6a6a36d199dd6b49a254618c21b1
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Deleting key... OK

Generating 768-bit RSA key... OK
Extracting key identifier... OK, b0445c441c2037a53db99a39f5719202
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Deleting key... OK

Generating 1024-bit RSA key... OK
Extracting key identifier... OK, a26310c7013b94fe980574a5470c1a42
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Signing (RSA/SHA512) with key... OK
Deleting key... OK

Generating 1536-bit RSA key... OK
Extracting key identifier... OK, e074ec0e9da74296d8d2614d35089306
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Signing (RSA/SHA512) with key... OK
Deleting key... OK

Generating 2048-bit RSA key... OK
Extracting key identifier... OK, 765935b2ec956752d9c97536ef0d646f
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Signing (RSA/SHA512) with key... OK
Deleting key... OK

Generating 4096-bit RSA key... OK
Extracting key identifier... OK, 76dc156d3e25286e82e228834d93d794
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Signing (RSA/SHA512) with key... OK
Deleting key... OK

ods-hsmutil: symbol lookup error: ods-hsmutil: undefined symbol: strlcpy
____________________


What is wrong ?

Thanks

Claude Gross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20130214/bbd69a94/attachment.htm>

More information about the Opendnssec-user mailing list