-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
I think what happens here is that the signer configuration cannot be validated. However, when issuing sign <zone> command, it will try to read the zone and sign anyway. A fix for checking whether the signer configuration validated would be wise and has been committed to the repository. Thanks, Matthijs On 08/16/2011 08:37 AM, Miek Gieben wrote: > Hello, > > We have connected ods to a new partition in our HSM. The ods install wasn't > cleaned > so it still thinks old keys are valid (i.e. the whole kasp.db is messed up). > > Obviously this setup will fail, but I'm also hit with an assertion failure. > The > relevant logging is here: > > signertest ods-signerd: [hsm] unable to get key: key > 00c8f5813717302a753d3a625b4f398a not found > signertest ods-signerd: [zone] unable to publish dnskeys zone nl: error > creating DNSKEY for key > 00c8f5813717302a753d3a625b4f398a > signertest ods-signerd: [worker[2]] backoff task [load signconf for] for zone > nl with 120 seconds > signertest ods-signerd: signer/tools.c:229: tools_nsecify: assertion > zone->nsec3params failed > > Regards, > > -- > Miek Gieben > > > > _______________________________________________ > Opendnssec-user mailing list > [email protected] > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOSkvwAAoJEA8yVCPsQCW5UCIH/0G5jkVFrkMAV3Je6KVWAkKr SiFzUmB5+VFejAh92bSdvmTgavY25H1BHhoBGP8hJNFPheUw5GvMTDcPGp6CKBGG T4e5AZ8/WXXetYEnc7adDw5RthI4mIK4UMFgMVbNhPEPs7G6nvzV/65Oiuvgf0ra 6zZmm5P20zFyIH+5mSwU6dc9Z7RbNyiXFVrQaNNzzaGfJI/0Uc/mgN9Mb9ddTrOZ ad82ZpZPGq46k9G/Ckzg69FjDDCmJXdn4WXhGviDkkYVJNzTfvdIuvJzAN7wUTF4 rkEL6MV9q5qbN9jBgfQ9R73GehAifAnEahcSYondUWX9AmBEw3k/ixXSED3gPjU= =epfK -----END PGP SIGNATURE----- _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
