[Opendnssec-user] Removing old keys and policies
Hoda Rohani
hoda at nlnetlabs.nl
Tue Aug 22 15:41:03 UTC 2017
Hello,
On 22-08-17 15:27, Julian Brost wrote:
> Hi,
>
> (follow-up on the public list, could also be of interest to others)
>
> On 21.08.2017 13:59, Hoda Rohani wrote:
>> Actually this command works for me on your db:
>>
>> ods-enforcer policy purge
>> Purging policies
>> [...]
>
> Yes, that command indeed works. Somehow I must have missed that command.
>
>> Please let me know if you still have problem.
>
> The table hsmKey still contains lots of keys that now no longer
> reference a policy and neither exist in SoftHSM any more. Is that
> supposed to happen?
>
Unfortunately there is no way to get rid of those keys except manually removing them from database.
I personally think it would be better to have a command to remove those keys from hsmkey table. I will talk about this
with other people.
> Thanks for your help!
>
> Regards,
> Julian
>
Regards,
Hoda Rohani
More information about the Opendnssec-user
mailing list