Hello, I'm struggling to understand why auditor has been complaining: I had a ZSK that was in use too long (because no further keys were generated). So at that point I ussued a ksmutil key generate which worked perfectly. After some time I saw then this:
ods-auditor[20026]: Key (24150) has gone to active use, but has only been prepublished for 26946 seconds. Zone SOA ttl is 43200 Why is the SOA ttl considered for the check? DNSKEY TTL I'd understand, but SOA? As a certainly unwanted sideeffect, the auditor (or the calling process) didn't like that situation at all, as the auditor started to go over the affected zones over and over again (restarting immediately after each run). Best, Gilles -- Fondation RESTENA - DNS-LU 6, rue Coudenhove-Kalergi L-1359 Luxembourg tel: (+352) 424409 fax: (+352) 422473 _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
