On Tuesday 15 Mar 2011 8:10:57 pm Sebastian Castro wrote: > On 03/16/2011 05:18 AM, Carlos M. Martinez wrote: > > Hello all, > > Hi Carlos, > > > This is probably a (very) noob question, but, I need to get it out of my > > mind: > > > > - When adding a zone, the auditor complains about not finding an XML > > config file for the zone signing. If I use ods-signer to try to sign the > > zone, I get a message stating that the zone is not yet being signed > > > > - Around one hour later, the zone is effectively signed with a brand new > > key > > > > The question is: which process controls the generation of this XML file > > and how can I force it to run earlier and not wait this period of time? > > It's the enforcer which creates the signconf file, so probably you have > it running each hour. What version of openDNSSEC are you running? > > Based on the information compiled by Patrik Wallstrom here > (http://www.opendnssec.org/2011/02/17/running-opendnssec-with-50000-zones/) > if you want to activate a zone for signing immediately, you can call the > enforcerd manually like > > ods-enforcerd -1 > > to have the signconf file created and the keys set for the zone.
Or you can send a SIGHUP to the ods-enforcerd process that is running to wake it up. Sion _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
