+--On 10 juin 2011 08:39:32 +0100 Siôn Lloyd <s...@nominet.org.uk> wrote: | |> I found out that the signer had a, "update" command, so, I tried another |> zone, and after the enforcer generated the new signconf, I did : |> ods-signer update ZONE |> |> That kicked the signer and it picked up the new key. |> |> I don't really understand why the enforcer doesn't kick the signer as I |> guess it should. | LOG_ERR, "Could not call signer engine" | LOG_INFO, "Will continue: call 'ods-signer update' to manually update | zones" | | Do you know if anything like this was logged at the time that the | enforcer ran?
I've checked the logs, and no, it never said that. It's buggering me because the ZSK rollovers do happen just fine. Maybe the codepath is a bit different when it's a manual KSK rollover of a zone with a normally automatic one ? -- Mathieu Arnold _______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
