[Opendnssec-user] OpenDNSSEC-2.1.8 and SoftHSM-2.6.1 and a huge(?) repository

Michael Grimm trashcan at ellael.org
Wed Mar 10 19:26:44 UTC 2021


I updated to OpenDNSSEC 2.1.8 today, and found a lot of …

	[hsm_key_factory_get_key] removing key 1a0ff0971e71b7de02685c762da272bb from HSM

… in my ods' logfile. 

I do assume that this has to do with what is mentioned in the release notes:

	This release of 2.1.8 fixes a number of bugs related to the purging of keys, ...


And, I found out (while investigating) that my SoftHSM repository is huge …

	dns2> ls -al /var/lib/softhsm/tokens/x-y-z/ | wc 
	9692 96912 910872 

… that a …

	dns2> ods-hsmutil list

	Listing keys in all repositories.

… hangs "forever" (1 hour at least).

Hmm, is this something to worry about? 
I am 3 days prior ZSK rollovers of several domains.
Besides that huge repository, everything looks normal to me.

Thanks and regards,

More information about the Opendnssec-user mailing list