[Opendnssec-user] Signature failed to cryptographically verify
Jerry Lundström
jerry at opendnssec.org
Mon Jun 2 07:27:18 UTC 2014
Hi Gilles,
On fre, 2014-05-30 at 16:05 +0200, Gilles Massen wrote:
> I have an error with a zone, and I'm baffled were it comes from. The
> auditor (yes, still using it) complains about "Signature failed to
> cryptographically verify, tag = 54711" for about any signature for a
> given zone.
If you could share the logs it would help, also if you can get the logs
with a high verbosity on the Signer.
> I tries ods-signer clear, stopping opendnssec and removing all zone
> related temp files manually, replacing the entire ods-tree with a known
> good config from another server - same errors.
What do you mean with "ods-tree" ?
> I have no clue where this comes from, or what could be the trigger, let
> alone the cause.
>
> Any hints would be very appreciated...
Have you tried validating the zone with validns? Does it give an error
also?
> BTW: opendnssec 1.3.14
Can you upgrade to the latest 1.3 version (1.3.17) and test? Maybe on a
test platform if you do not want to upgrade production right away.
--
Jerry Lundström - OpenDNSSEC Developer
http://www.opendnssec.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 643 bytes
Desc: This is a digitally signed message part
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20140602/de8a23cc/attachment.bin>
More information about the Opendnssec-user
mailing list