On Mon, 27 Feb 2012, Rick van Rein wrote:
1. Feb 26 19:45:21 debian ods-enforcerd: NOTE: keys generated in
repository SoftHSM will not become active until they have been
backed up
Back them up and run ods-ksmutil backup done. Or better, use the
prepare/commit parts before/after the backup. If you don't want
to backup your keys (seriously?!?) you can set that in the config-
files. The default configfiles assume you are taking precautions
and therefore making backups.
Actually, I find that feature rather strange. What other software on
a unix server is asserting that you manually tell it you made a
backup before it can be used?
IMHO, that's a feture best retired, especially because it is giving
people issues to start signing in the first place. But if people
want to keep it, allow signing anyway, but nag via a daily cron job?
Paul
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
