Hi, > Thank you for the advice. The reason I choose OpenDNSSEC is because of the > keys management and not because of the signing functionality. It's also > "fluent" in PKCS11 to work with HSM, when other tools required openssl + > patches, at least at the time the system was planned.
I see, you’re going for pragmatism rather than the conceptual framework. You might want to try the one-shot mode of the signer, rather than running it as a daemon. -Rick _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
