Problem fixed. Thanks to Pavel who showed me a useful help file.
Le mar. 6 avr. 2021 à 23:41, François RONVAUX <francois.ronv...@gmail.com> a écrit : > Hello, > > My server runs OpenBSD v6.8 with the softwares from the official OpenBSD > packages repositories : OpenDNSSEC v 2.1.6.p0 and SoftHSM2 v2.6.1p0. > > I follow this guide (that is not very old) : > https://toutetrien.lithio.fr/article/signer-sa-zone-dns-avec-opendnssec > > When I lauch the service with "rcctl start opendnssec", I get this in the > log... > > $ cat /var/log/daemon > ods-kaspcheck: INFO: The XML in /etc/opendnssec/conf.xml is valid > ods-kaspcheck: INFO: The XML in /etc/opendnssec/kasp.xml is valid > ods-kaspcheck: WARNING: In policy default, Y used in duration field for > Keys/KSK Lifetime (P1Y) in /etc/opendnssec/kasp.xml - this will be > interpreted as 365 days > ods-kaspcheck: WARNING: In policy lab, Y used in duration field for > Keys/KSK Lifetime (P1Y) in /etc/opendnssec/kasp.xml - this will be > interpreted as 365 days > ods-kaspcheck: INFO: The XML in /etc/opendnssec/zonelist.xml is valid > ods-enforcerd: [engine] running as pid 92618 > ods-enforcerd: [engine] enforcer started > ods-enforcerd: [engine] hsm_get_slot_id(): could not find token with the > name OpenDNSSEC > ods-enforcerd: [engine] fail to start enforcerd completely > ods-enforcerd: setup failed: HSM error > ods-enforcerd: [engine] enforcer shutdown > ods-enforcerd: [engine] enforcerd (pid: 92618) stopped with exitcode 3 > > I do not understand because SoftHSM has the good token : > $ softhsm2-util --show-slots > Available slots: > Slot 399449823 > Slot info: > Description: SoftHSM slot ID 0x17cf1edf > Manufacturer ID: SoftHSM project > Hardware version: 2.6 > Firmware version: 2.6 > Token present: yes > Token info: > Manufacturer ID: SoftHSM project > Model: SoftHSM v2 > Hardware version: 2.6 > Firmware version: 2.6 > Serial number: 39e5880397cf1edf > Initialized: yes > User PIN init.: yes > Label: OpenDNSSEC > Slot 1 > Slot info: > Description: SoftHSM slot ID 0x1 > Manufacturer ID: SoftHSM project > Hardware version: 2.6 > Firmware version: 2.6 > Token present: yes > Token info: > Manufacturer ID: SoftHSM project > Model: SoftHSM v2 > Hardware version: 2.6 > Firmware version: 2.6 > Serial number: > Initialized: no > User PIN init.: no > Label: > > I did not find explanations on Google, this is why I post here. > > Can someone help me ? > > Thanks in advance. >
_______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
