On 26-09-16 18:43, David Peall wrote:
> OpenDNSSEC shooting its own DB seems to be a rather drastic bug, what is
> the timeline on a fix for this?
I am going to guess you added your zones via the command line interface
and proceeded later with a 'ods-enforcer update all'. Which indeed
deletes all
Hi
Ok so I came right I added the zone entries in the zone table.
Then I added the keyData for the KSK’s and linked them to the correct zone and
the correct key in the hsmKey table.
I started and then stopped the OpenDNSSEC system.
It created the default keyState entries I used that and the fo
27;ods-hsmutil
remove id'.
Regards,
Hoda Rohani
From: Opendnssec-user [mailto:opendnssec-user-boun...@lists.opendnssec.org] On
Behalf Of David Peall
Sent: Monday, September 26, 2016 12:31 PM
To: Opendnssec-user@lists.opendnssec.org List
Subject: [Opendnssec-user] odd-enforce zapping domain
Hi
I’ve been looking around I’m using the following to extract the DNSKEY values
out of the HSM and match them to the zone files so I can re link them in the
database.
KSK - ods-hsmutil dnskey test 257 8
ZSK - ods-hsmutil dnskey test 257 8
The rest of the database looks fairly straight forwa
Hi
Is it possible to rebuild the database for 3 zones that were delete from the
database. ods-signer is still signing the 3 domains:
ods-signer zones
There are 3 zones configured
- 1
- 2
- 3
ods-enforcer zone list
Database set to: opendnssec
No zones in database.
zone list completed in 0 secon
