[Opendnssec-user] [hsm] unable to get key

Michael Grimm trashcan at ellael.org
Fri Apr 16 11:26:00 UTC 2021

Berry van Halderen <berry at nlnetlabs.nl> wrote:
> On 2021-04-15 22:37, Michael Grimm wrote:

>> Would it be an option to remove those no longare available Locator
>> entries in /usr/local/var/opendnssec/signconf/ manually (by
>> scripting)?
> That will help, but I would remove them just once by editing it.


> Next step of the enforcer would be to remove those entries, so they
> shouldn't come back, and I'll have a hardenend signer for  you then
> anyway.

Thanks for that in advance.

> For now, just remove the keys from the signconf and perform a
>  ods-signer update --all

Manual removal and 'ods-signer update —all' fixed it; signing is back to normal.

Thank you very much for your help!

With kind regards,

More information about the Opendnssec-user mailing list