Here are the logs
Jul 4 10:57:41 ubuntu-serv-dnssec ods-signerd: unable to open file
/var/lib/opendnssec/signconf/tz.xml for reading: No such file or directory
Jul 4 10:57:41 ubuntu-serv-dnssec ods-signerd: unable to open file
/var/lib/opendnssec/signconf/tz.xml for reading: No such file or directory
Jul 4 10:57:41 ubuntu-serv-dnssec ods-signerd: zone tz has policy
default configured, but has no (valid) signconf file
Jul 4 10:57:41 ubuntu-serv-dnssec ods-enforcerd: Key sharing is Off.
Jul 4 10:57:42 ubuntu-serv-dnssec ods-enforcerd: Error creating key in
repository SoftHSM
Jul 4 10:57:42 ubuntu-serv-dnssec ods-enforcerd: generate key pair:
CKR_GENERAL_ERROR
Hi,
I did *ods-control start* and watch the logs at the same time.I noticed
that the key is not created.and further to that I noticed that there is
not tz.xml in signconf directory.My question is when is this file
created and what are the contents.I decided to do a touch tz.xml the
file was created but when doing ods-control start it tells me that the
file is empty and expective < tag meaning that is supposed to have contents.
On 07/01/2011 12:31 PM, Rickard Bellgrim wrote:
On Fri, Jul 1, 2011 at 11:29 AM, Rickard Bellgrim
<[email protected]> wrote:
The zone will be signed before the KSK is considered to be active. It
is just that the DNSKEY+RRSIG must propagate before you can send up
the DS to the parent zone.
And in your test environment you can just skip sending the DS and just
give the ds-seen command straight away.
// Rickard
--
Regards,
Bryton.
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
