On Mon, Jun 9, 2014 at 7:27 PM, Randy Bush <[email protected]> wrote: > > all ds are seen. repository is flagged. i am still not asked to back > keys up. > > <Repository name="SoftHSM"> > > <Module>/usr/local/lib/softhsm/libsofthsm.so</Module> > <TokenLabel>opendnssec</TokenLabel> > <PIN>VibogNond1</PIN> > <RequireBackup/> > <SkipPublicKey/> > </Repository> >
Are the keys generated after the update to the policy? Changes to the policy only applies to keys generated after the change. Could it be that the message is not logged because the ZSK is generated in the same repository as the KSK? See the if-statement in: https://github.com/opendnssec/opendnssec/blob/1.4/master/enforcer/enforcerd/enforcer.c#L575 // Rickard
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
