Hi, I'm currently running OpenDNSSEC 2.1.3 and after some experimenting, I now want to remove some old policies and keys. Some of the testing has already been done using version 1.4 or 2.0 and the installation was upgraded.
When I try to remove the old policy "lab2", I get this error: # ods-enforcer policy import -r [...] Unable to delete policy lab2, there are still hsm keys using this policy! However, there is no zone left using that policy and trying to purge its keys doesn't succeed either: # ods-enforcer key purge -p lab2 No zones on policy lab2 No keys to purge What's the best way to proceed in this situation? Are there any tools that can help me? Is it safe to manually remove keys from the table "hsmKey" in the database after stopping OpenDNSSEC? Regards, Julian _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
