I checked perms as described. Turned up logging verbosity. "ods-ksmutil key list --verbose" does not spit out any keys.
Regards Uli Am 16.08.19 um 16:39 schrieb Jake Zack: > Check permissions on: > /etc/opendnssec > /var/opendnsec > /var/lib/softhsm > +whatever files/directories are listed in /etc/opendnssec/zonelist.xml > > Verify "ods-ksmutil key list --verbose" spits out keys... > > -----Original Message----- > From: Opendnssec-user <[email protected]> On > Behalf Of Ulrich-Lorenz Schlüter > Sent: August 16, 2019 9:14 AM > To: [email protected] > Subject: [EXT] [Opendnssec-user] CRITICAL: failed to sign zone > > Hello list > > I just set up > opendnssec version 1.4.14 and softhsm version 2.5.0 > > Aug 16 14:52:03 one ods-signerd[4293]: [xfrd] zone schlueter.family request > axfr to 127.0.0.1 Aug 16 14:52:03 one ods-signerd[4293]: [xfrd] zone > sycosys.de request axfr to 127.0.0.1 Aug 16 14:52:03 one ods-signerd[4293]: > [xfrd] zone schlueter.family transfer done [notify acquired 0, serial on disk > 1565763800, notify serial 0] Aug 16 14:52:03 one ods-signerd[4293]: [xfrd] > zone sycosys.de transfer done [notify acquired 0, serial on disk 1565763800, > notify serial 0] Aug 16 14:52:03 one ods-signerd[4293]: [worker[1]] continue > task [configure] for zone sycosys.de Aug 16 14:52:03 one ods-signerd[4293]: > [worker[2]] continue task [configure] for zone schlueter.family Aug 16 > 14:52:03 one ods-signerd[4293]: [worker[1]] CRITICAL: failed to sign zone > sycosys.de: General error Aug 16 14:52:03 one ods-signerd[4293]: [worker[1]] > backoff task [configure] for zone sycosys.de with 60 seconds Aug 16 14:52:03 > one ods-signerd[4293]: [worker[2]] CRITICAL: failed to sign zone > schlueter.family: General error Aug 16 14:52:03 one ods-signerd[4293]: > [worker[2]] backoff task [configure] for zone schlueter.family with 60 > seconds Aug 16 14:52:03 one ods-signerd[4293]: [query] ignore notify from > 127.0.0.1: already got zone schlueter.family serial 1565763800 on disk > (received 1565763800) Aug 16 14:53:03 one ods-signerd[4293]: [worker[2]] > CRITICAL: failed to sign zone schlueter.family: General error Aug 16 14:53:03 > one ods-signerd[4293]: [worker[1]] CRITICAL: failed to sign zone sycosys.de: > General error Aug 16 14:53:03 one ods-signerd[4293]: [worker[2]] backoff task > [configure] for zone schlueter.family with 120 seconds Aug 16 14:53:03 one > ods-signerd[4293]: [worker[1]] backoff task [configure] for zone sycosys.de > with 120 seconds > > What should I investigate and do first? > > Thanks & regards > Uli > _______________________________________________ > Opendnssec-user mailing list > [email protected] > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user > _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
