> Is there a way to force for new zone the ksk into active state with out to
> wait 1 day ?
Editing the database or using low values in your KASP.
The slowness in the system is there to protect you. The values in your
KASP should reflect the reality. Rolling too quick and DNSSEC
validation for yo
+--On 24 octobre 2011 16:32:34 +0200 Matthijs Mekking
wrote:
| -BEGIN PGP SIGNED MESSAGE-
| Hash: SHA1
|
| Hi Mathieu,
|
| You mentioned that you had upgraded to 1.3.2, but it didn't fix your
| problem. However, in your first e-mail you listed several problems:
|
| I was wondering whi
Is there a way to force for new zone the ksk into active state with out to wait
1 day ?
hcc-unix.nlKSK publish 2011-10-24 16:38:33
hcc-unix.nlZSK active2011-11-23 16:23:33
hcc-games.nlKSK publ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Mathieu,
You mentioned that you had upgraded to 1.3.2, but it didn't fix your
problem. However, in your first e-mail you listed several problems:
I was wondering which of these issues are still there.
Best regards,
Matthijs
> Yesterday morning
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Bas,
This zonefile seems to be working for me. Could I get the unsigned
zonefiles (off-list) to see whether the problem might be in the zonefiles?
Otherwise: could you try and run it with valgrind? Could you send me the
verbose log messages that a
+--On 24 octobre 2011 14:59:10 +0200 Peter Olsson wrote:
|> Here, the first does not do anything, and the second works :
|>
|> # ods-signer update mat.cc < /dev/null
|> # ods-signer update mat.cc
|> Zone mat.cc config being updated.
|> #
|
| One final question, which version of opendnssec do yo
On Mon, Oct 24, 2011 at 01:05:16PM +0200, Mathieu Arnold wrote:
> +--On 24 octobre 2011 11:56:41 +0100 Siôn Lloyd
> wrote:
> |> Here is xxx.se.sc:
> |> ;ODSSE1
> |> ;name: xxx.se
> |> ;filename: /usr/local/var/opendnssec/signconf/xxx.se.xml
> |> ;last_modified: 1315781548
> |>
> |
> | If the dat
Hi,
Is it possible to get a back trace from the core dump?
If you don't have a core dump please try and generate one.
Also, what version of opendnssec are you running?
Regards,
Jerry
Från: Bas van den Dikkenberg
Datum: Sun, 23 Oct 2011 19:02:04 +
Till: "opendnssec-user@lists.opendnssec
+--On 24 octobre 2011 13:16:12 +0200 Peter Olsson wrote:
| (Now what will happen when there are cached records out there
| with the purged ZSK? Is there a risk of complete zone failure,
| should I remove DS and start DNSSec fresh?)
Well, compare the DS TTL and the RRSIG TTL, you'll have your answ
On Mon, Oct 24, 2011 at 01:05:16PM +0200, Mathieu Arnold wrote:
> +--On 24 octobre 2011 11:56:41 +0100 Siôn Lloyd
> wrote:
> |> Here is xxx.se.sc:
> |> ;ODSSE1
> |> ;name: xxx.se
> |> ;filename: /usr/local/var/opendnssec/signconf/xxx.se.xml
> |> ;last_modified: 1315781548
> |>
> |
> | If the dat
+--On 24 octobre 2011 11:56:41 +0100 Siôn Lloyd
wrote:
|> Here is xxx.se.sc:
|> ;ODSSE1
|> ;name: xxx.se
|> ;filename: /usr/local/var/opendnssec/signconf/xxx.se.xml
|> ;last_modified: 1315781548
|>
|
| If the date here is correct it indicates that the file has not been
| updated since 11 Septemb
On 24/10/11 11:46, Peter Olsson wrote:
Hello!
Today we got this error, never seen it before:
Oct 24 09:55:27 ns1 ods-signerd: error creating RRSIG for rrset[15]
Oct 24 09:55:27 ns1 ods-signerd: failed to sign RRset[15]
Oct 24 09:55:27 ns1 ods-signerd: unable to sign zone data: failed to sign dom
Hello!
Today we got this error, never seen it before:
Oct 24 09:55:27 ns1 ods-signerd: error creating RRSIG for rrset[15]
Oct 24 09:55:27 ns1 ods-signerd: failed to sign RRset[15]
Oct 24 09:55:27 ns1 ods-signerd: unable to sign zone data: failed to sign domain
Oct 24 09:55:27 ns1 ods-signerd: task
13 matches
Mail list logo
