What is possible is to have BIND use PKCS#11 to use the keys stored in SoftHSM.
I should have added that a key rollover is possible from one to another. The
basic idea is to create new keypairs in BIND (dnssec-keygen) and then import
them key into SoftHSM for a rollover in OpenDNSSEC. Once that has completed,
the zone can be migrated from the latter to the former.
(requires many amounts of <favorite strong beverage>)
-JP
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
