[Opendnssec-user] manual key rollover results in "1970-01-01 01:00:00"

[Yuri Schaeffer]

On 13-11-17 08:30, Dennis Baaten wrote:
>> I find it also strange that these dates are all in the past, and nothing
> seems to be happening. It gives me the feeling that ODS is not working. 
> 
> My ODS implementation is based on input and output files. In order to check
> whether ODS is working, I checked the date that the signed zone files were
> last updated. I discovered that all zone files are last updated after the
> execution of 'ods-migrate'. 
> 
> -rw-r--r-- 1 opendnssec opendnssec 17526 Nov  3 11:14 db_signed.xxx
> -rw-r--r-- 1 opendnssec opendnssec 12415 Nov  3 11:14 db_signed.xxx
> -rw-r--r-- 1 opendnssec opendnssec 12642 Nov  3 11:14
> db_signed.dennisbaaten.com
> -rw-r--r-- 1 opendnssec opendnssec 10192 Nov  3 11:14 db_signed.xxx
> -rw-r--r-- 1 opendnssec opendnssec 11403 Nov  3 11:14 db_signed.xxx
> -rw-r--r-- 1 opendnssec opendnssec 33545 Nov  3 11:14 db_signed.xxx
> -rw-r--r-- 1 opendnssec opendnssec 12716 Nov  3 11:14 db_signed.xxx
> 
>>From my perspective this confirms that the manual rollover I performed for
> dennisbaaten.com (which as approx. 1 day after 'ods-migrate') was not
> executed at all, since no changes have been made to the zone file. 

That timestamp indeed seems strange. If a rollover would have happened I
would expect that value to be updated. Is the signer running? - what is
it logging?

If you want I can take a look at your setup to make sure everything is
in order. Can you provide me with the following details:

- output of: ods-enforcer key list -d
- output of: ods-enforcer queue
- timestamp on signconf of dennisbaaten.com
off list:
- signconf of dennisbaaten.com
- kasp.db

//Yuri

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20171113/62be6de6/attachment.bin>