[Opendnssec-user] no softhsm whining
Rickard Bellgrim
rickard at opendnssec.org
Tue Jun 10 11:08:47 UTC 2014
On Mon, Jun 9, 2014 at 7:27 PM, Randy Bush <randy at psg.com> wrote:
>
> all ds are seen. repository is flagged. i am still not asked to back
> keys up.
>
> <Repository name="SoftHSM">
>
> <Module>/usr/local/lib/softhsm/libsofthsm.so</Module>
> <TokenLabel>opendnssec</TokenLabel>
> <PIN>VibogNond1</PIN>
> <RequireBackup/>
> <SkipPublicKey/>
> </Repository>
>
Are the keys generated after the update to the policy? Changes to the
policy only applies to keys generated after the change.
Could it be that the message is not logged because the ZSK is generated in
the same repository as the KSK? See the if-statement in:
https://github.com/opendnssec/opendnssec/blob/1.4/master/enforcer/enforcerd/enforcer.c#L575
// Rickard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20140610/6a1bcdc6/attachment.htm>
More information about the Opendnssec-user
mailing list