[Opendnssec-user] [EXT] CRITICAL: failed to sign zone

Ulrich-Lorenz Schlüter audiomobster at gmail.com
Fri Aug 16 16:21:26 UTC 2019


I checked perms as described.
Turned up logging verbosity.
"ods-ksmutil key list --verbose" does not spit out any keys.

Regards
Uli
Am 16.08.19 um 16:39 schrieb Jake Zack:
> Check permissions on:
> /etc/opendnssec
> /var/opendnsec
> /var/lib/softhsm
> +whatever files/directories are listed in /etc/opendnssec/zonelist.xml
> 
> Verify "ods-ksmutil key list --verbose" spits out keys...
> 
> -----Original Message-----
> From: Opendnssec-user <opendnssec-user-bounces at lists.opendnssec.org> On Behalf Of Ulrich-Lorenz Schlüter
> Sent: August 16, 2019 9:14 AM
> To: opendnssec-user at lists.opendnssec.org
> Subject: [EXT] [Opendnssec-user] CRITICAL: failed to sign zone
> 
> Hello list
> 
> I just set up
> opendnssec version 1.4.14 and softhsm version 2.5.0
> 
> Aug 16 14:52:03 one ods-signerd[4293]: [xfrd] zone schlueter.family request axfr to 127.0.0.1 Aug 16 14:52:03 one ods-signerd[4293]: [xfrd] zone sycosys.de request axfr to 127.0.0.1 Aug 16 14:52:03 one ods-signerd[4293]: [xfrd] zone schlueter.family transfer done [notify acquired 0, serial on disk 1565763800, notify serial 0] Aug 16 14:52:03 one ods-signerd[4293]: [xfrd] zone sycosys.de transfer done [notify acquired 0, serial on disk 1565763800, notify serial 0] Aug 16 14:52:03 one ods-signerd[4293]: [worker[1]] continue task [configure] for zone sycosys.de Aug 16 14:52:03 one ods-signerd[4293]: [worker[2]] continue task [configure] for zone schlueter.family Aug 16 14:52:03 one ods-signerd[4293]: [worker[1]] CRITICAL: failed to sign zone sycosys.de: General error Aug 16 14:52:03 one ods-signerd[4293]: [worker[1]] backoff task [configure] for zone sycosys.de with 60 seconds Aug 16 14:52:03 one ods-signerd[4293]: [worker[2]] CRITICAL: failed to sign zone schlueter.family: General error Aug 16 14:52:03 one ods-signerd[4293]: [worker[2]] backoff task [configure] for zone schlueter.family with 60 seconds Aug 16 14:52:03 one ods-signerd[4293]: [query] ignore notify from
> 127.0.0.1: already got zone schlueter.family serial 1565763800 on disk (received 1565763800) Aug 16 14:53:03 one ods-signerd[4293]: [worker[2]] CRITICAL: failed to sign zone schlueter.family: General error Aug 16 14:53:03 one ods-signerd[4293]: [worker[1]] CRITICAL: failed to sign zone sycosys.de: General error Aug 16 14:53:03 one ods-signerd[4293]: [worker[2]] backoff task [configure] for zone schlueter.family with 120 seconds Aug 16 14:53:03 one ods-signerd[4293]: [worker[1]] backoff task [configure] for zone sycosys.de with 120 seconds
> 
> What should I investigate and do first?
> 
> Thanks & regards
> Uli
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
> 


More information about the Opendnssec-user mailing list