[Opendnssec-user] [hsm] unable to get key
Randy Bush
randy at psg.com
Sun Aug 22 21:24:34 UTC 2021
> I'm looking for both cause and quick fix. For either, can you
> perform a
> ods-enforcer key list -d | grep eae33574e49b6b581e348f6252fb86a5
# ods-enforcer key list -d | grep eae33574e49b6b581e348f6252fb86a5
#
> I'm wondering whether this key is being retired.
> In which case a patch fix might be to remove the signconf file
> for this zone;
> rm /var/opendnssec/signconf/hipster.biz.xml
> and regenerate this:
> ods-enforcer signconf
it'a all zones. i could do it for all? maybe experiment with this one
first.
# rm /usr/local/var/opendnssec/signconf/hipster.biz.xml
# ods-enforcer signconf
# ls -l /usr/local/var/opendnssec/signconf/hipster.biz.xml
-rw-r--r-- 1 opendnssec opendnssec 971 Aug 22 20:54 /usr/local/var/opendnssec/signconf/hipster.biz.xml
removing that one and `ods-enforcer signconf` either stopped the problem
or broke logging :)
randy
More information about the Opendnssec-user
mailing list