[Opendnssec-user] Key not found

David Peall david at dnservices.co.za
Mon Jun 9 15:47:06 CEST 2014


On 09 Jun 2014, at 2:39 PM, Siôn Lloyd <sion at nominet.org.uk> wrote:

> On 09/06/14 11:30, David Peall wrote:
>> 
>> But then:
>> ods-signerd: [hsm] unable to get key: key 994410881c1e66e2d075ed1ed1756679 not found
>> ods-signerd: [zone] unable to publish dnskeys for zone <zone>: error creating dnskey
>> ods-signerd: [tools] unable to read zone <zone>: failed to publish dnskeys (General error)
>> 
>> But: 
>> ods-ksmutil key list --verbose
>> Zone:                           Keytype:      State:    Date of next transition (to):  Size:   Algorithm:  CKA_ID:                           Repository:                       Keytag:
>> <zone>                        KSK           publish   2014-06-10 02:17:13 (ready)    2048    8           994410881c1e66e2d075ed1ed1756679  thales                            15664
>> 
>> Is this because the key is not active? is this a bug?
> Hi David,
> 
> The state of the key is not causing this... Does the signer run as the
> same user/group as the enforcer?

Yes both the signer and enforcer run as the same user and group.

Regards
—
David Peall

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4148 bytes
Desc: not available
URL: <https://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20140609/5ed3cbff/attachment.bin>


More information about the Opendnssec-user mailing list