Hi all, now I've OpenDNSSEC up and running with a Bind using views to serve zones.
I added 4 zones to Bind. Three of them are already signed. The forth will not sign because of this error message: ods-enforcerd: Not enough keys to satisfy ksk policy for zone: <domain> The docs say for this error message: > One of these messages will be seen if the enforcer does not have enough > unallocated keys to provide for the zone specified. If the > ManualKeyGeneration tag is set in conf.xml then you will need to create > new keys usingods-ksmutil key generate, otherwise new keys will be > created when the enforcer runs next. (Dont forget to backup any new > keys.) ManualKeyGeneration is diabled in conf.xml: <!-- <ManualKeyGeneration/> --> Logfile says ods-enforcerd: ods-enforcerd will create some more keys on its next run but it does not after some hours. This error message is repeated again and again. I'm using a SoftHSM. Has anybody an idea what I need to do for getting automated as much keys as needed? Best regards, Volker Janzen _______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
