Hello, As a follow-up to this issue:
> ods-signerd: could not find key fc477155ce7eeff5eeb9e67fb47a9492 The problem seems to be related to the working of the PKCS11 provider. What happens is that "ods-ksmutil key generate" starts a process to have the HSM create keys (via PKCS#11). This works, but the process ods-signer (which has been started before the key generation) is not seeing the newly generated keys (C_FindObjects gets no result). As the signer is remaining whithin its PKCS11 session I don't know if that's expected or not. Stopping/starting the signer fixes this. It is unclear to me if OpenDNSSEC could or should address this, or if it's rather an PKCS11 provider implementation fault. Comments would be most welcome... Best, Gilles -- Fondation RESTENA - DNS-LU 6, rue Coudenhove-Kalergi L-1359 Luxembourg tel: (+352) 424409 fax: (+352) 422473 _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
