Hi, We are finally planning a migration from 1.4 to 2.1 and at the same time looking at having a proper backup signer setup. We're using SoftHSM, my question is whether we have to pre-generate keys, copy them to the backup and trust that ODS rollovers are in close enough sync? Is it feasible to instead constantly sync keys from master to slave, with the backup set to manual rollover, so if and when the master goes offline we can switch the backup "on" and have it be the new signer with automatic rollovers?
All ideas and information welcome. .einar _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
