[Opendnssec-user] Zone signed by key in retire state
arun at arunns.com
Tue Sep 27 14:21:24 UTC 2016
We have opendnssec setup to rollover ZSK every 3 months. And in the ODS
database it happened as expected , a new key was in PUBLISH state and later
on to ACTIVE. The old key was moved to retire state. But still, I see the
zone file is signed with the old key (currently in RETIRE state). Any ideas?
I guess if we clear the ods and run signer again it will work, but
wondering why it does not happen automatically?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Opendnssec-user