[Opendnssec-user] Serial problem after rollover in 2.0.1
yuri at nlnetlabs.nl
Fri Sep 16 10:07:15 UTC 2016
> We never had this problem with 1.4. From our /etc/opendnssec/kasp.xml:
> The kasp.xml has not been touched since December 2015.
> So, there must be something else. Could it be that the migration of the
> database changed it from datacounter to keep?
> Should I update the configuration after the migration?
The log message really seem to suggest 'keep' is used. Can you check the
SOA section of /var/opendnssec/signconf/kvi.nl (or similar path)?
If it says 'keep' in the signconf you should make sure the enforcerd
reads the kasp.xml from the correct location. If it does -something odd
has happend during conversion- you can issue a 'ods-enforcer policy
import' to have the enforcer reread the kasp.xml.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 163 bytes
Desc: OpenPGP digital signature
More information about the Opendnssec-user