[Opendnssec-user] About Key rollover

yaohongyuan yaohongyuan at 163.com
Tue Nov 17 04:13:01 UTC 2015


Hi all,

       I got a difficult job about replace our HSM (hardware) . So we must hold two sets of keys (one set in the new HSM the other in the new one ) .
      As described in RFC 6781 we must keep the two sets of keys all alive .
      Do you think it is possible for opendnssec to connect to two HSMs and sign into one zone file?

      We used opendnssec version is 1.4.7.
      Would you please give any suggestions or other solution?


Best Regards,
Dean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20151117/25b10bf2/attachment.htm>


More information about the Opendnssec-user mailing list