On 21.08.2017 09:37, Hoda Rohani wrote: > Hello, > > > On 19-08-17 17:07, Julian Brost wrote: >> Hi, >> >> I'm currently running OpenDNSSEC 2.1.3 and after some experimenting, I >> now want to remove some old policies and keys. Some of the testing has >> already been done using version 1.4 or 2.0 and the installation was >> upgraded. >> >> When I try to remove the old policy "lab2", I get this error: >> >> # ods-enforcer policy import -r >> [...] >> Unable to delete policy lab2, there are still hsm keys using this policy! >> >> However, there is no zone left using that policy and trying to purge its >> keys doesn't succeed either: >> >> # ods-enforcer key purge -p lab2 >> No zones on policy lab2 >> No keys to purge >> > > Didn't expect that.
I think these keys are somehow left over from my experiments with SoftHSM v2 where I at some point deleted all test zones using that repo and wiped the SoftHSM v2 store. >> What's the best way to proceed in this situation? Are there any tools >> that can help me? Is it safe to manually remove keys from the table >> "hsmKey" in the database after stopping OpenDNSSEC? >> > I'd like to see your database. Is it possible to send it privately to me? Sure, you'll receive another mail in a few moments. Regards, Julian _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
