On Tue, 8 Jan 2013, Siôn Lloyd wrote:
The problem is that this key is still showing up in the signconf XML
file, and is re-introduced when running ods-ksmutl update all. But it
has a wrong algorithm, and it just needs to vanish completely, as it is
just breaking the signerd (which also dies upon encountering this)
Is there a way to force deletion without knowing the state of the key?
No; at least not without running SQL against the kasp database... (The
theory is that we do not want to delete keys if we are not certain that
they are not being used somewhere else.)
Does the key show up in a key list command?
Yes it does, and it is also written into the signconf XML. I need this
key to completely vanish to prevent the signer from crashing.
Paul
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
