[Opendnssec-user] Removing old keys and policies
hoda at nlnetlabs.nl
Tue Aug 22 15:41:03 UTC 2017
On 22-08-17 15:27, Julian Brost wrote:
> (follow-up on the public list, could also be of interest to others)
> On 21.08.2017 13:59, Hoda Rohani wrote:
>> Actually this command works for me on your db:
>> ods-enforcer policy purge
>> Purging policies
> Yes, that command indeed works. Somehow I must have missed that command.
>> Please let me know if you still have problem.
> The table hsmKey still contains lots of keys that now no longer
> reference a policy and neither exist in SoftHSM any more. Is that
> supposed to happen?
Unfortunately there is no way to get rid of those keys except manually removing them from database.
I personally think it would be better to have a command to remove those keys from hsmkey table. I will talk about this
with other people.
> Thanks for your help!
More information about the Opendnssec-user