[Opendnssec-user] When does ods-signer stop signing a zone?
Rick van Rein
rick at openfortress.nl
Tue Sep 30 12:50:45 UTC 2014
Hello,
I removed a zone from the Enforcer, and find that it is indeed gone. In /var/opendnssec/signconf, I find files with the zone name plus .OLD and .ZONE_DELETED. Still, the signer happily continues to sign the zone, and list it in its queue! Indeed, the RRSIG timestamps are all valid in the future, and some have been generated since zone deletion.
What could be the cause that the signer did not pickup on this change?
Thanks,
-Rick
More information about the Opendnssec-user
mailing list