[Opendnssec-user] no signconf/foo.xml
Randy Bush
randy at psg.com
Tue Jan 9 05:09:45 UTC 2018
>> i believe the problem was soft-hsm backup was needed and i had not
>> gotten to that check in my daily manual ritual. why soft-hsm backup
>> is manual, is something i have yet to understand.
>
> For OpenDNSSEC it is a policy thing. You can configure it to use any key
> available or only allow keys that are explicitly marked as backed up by
> the user.
it would seem to be ill-advised to use a key which is not backed up
> How the HSM (SoftHSM or otherwise) manages/automates its backups is out
> of scope for ODS.
no comment
More information about the Opendnssec-user
mailing list