In ODS 2.1.x, I'm working on full DS-record automation using APIs for different
registrars.
Within conf.xml, the two options for triggering scripts are
<DelegationSignerSubmitCommand>
<DelegationSignerRetractCommand>
What are the specific prerequisites & timing for these to be called?
Reading
https://www.opendnssec.org/documentation/using-opendnssec/
"Configure the <DelegationSignerSubmitCommand> if you want to
have a program/script receiving the new KSK during a key rollover. This will
make it possible to create a fully automatic KSK rollover, where OpenDNSSEC
feed your program/script on stdin with the current set of DNSKEYs that we want
to have in the parent as DS RRs. There are two examples available: an eppclient
and a simple mail script. Remember that the ods-ksmutil key ds-seen must be
given in order to complete the rollover. This should only be done when the new
DS RRs are available on the parents public nameservers."
it's unclear.
Is ODS enforcer polling for a specific trigger to fire each script?
Or do we need to add polling of some sort in the scripts themselves?
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
