Hi Rickard
I appreciate the help.
Its not timing as the key can be pulled before, it seems that the request for
the CKO_PRIVATE_KEY is failing.
2014-06-11 13:59:41 [4212] t002747eb417f: pkcs11: 08DA >CKA_CLASS:
CKO_PRIVATE_KEY
vs
2014-06-11 13:57:01 [4252] t40978d224f7f: pkcs1
On Wed, Jun 11, 2014 at 12:15 PM, David Peall
wrote:
> Here is the log line:
> Jun 11 12:03:41 ods-signerd: [hsm] unable to get key: key
> 5a4cf5871ef16a77118283e8666f486b not found
>
> 2014-06-11 12:03:41 [6670] t0067acf3ff7f: pkcs11: 08DB >>
> C_FindObjectsInit
> 2014-06-11 12:03:41 [66
Here is the log line:
Jun 11 12:03:41 ods-signerd: [hsm] unable to get key: key
5a4cf5871ef16a77118283e8666f486b not found
Corresponding debug from HSM log
2014-06-11 12:03:41 [6670] t0067acf3ff7f: pkcs11: 08CB >>
C_GetSessionInfo
2014-06-11 12:03:41 [6670] t0067acf3ff7f: pkcs11: 0
On 10/06/14 15:40, David Peall wrote:
> Trying a key rollover I get the following:
> ods-enforcerd: Key 85d783cf86e25fe6c9bce3cbac1cf851 in DB but not repository.
>
> Run as the opendnssec user:
> ods-hsmutil list thales | grep 85d783cf86e25fe6c9bce3cbac1cf851
> thales85d783cf86e
