Hi David, After deleting the zones in the enforcer, you need to run 'ods-signer update'. This command forces signer to get the updates, you won't see deleted zones in the signer's queue any more.
Yes, keys remain in the hsm. For deleting keys, you can issue 'ods-hsmutil remove id'. Regards, Hoda Rohani From: Opendnssec-user [mailto:[email protected]] On Behalf Of David Peall Sent: Monday, September 26, 2016 12:31 PM To: [email protected] List <[email protected]> Subject: [Opendnssec-user] odd-enforce zapping domains Hi Is it possible to rebuild the database for 3 zones that were delete from the database. ods-signer is still signing the 3 domains: ods-signer zones There are 3 zones configured - 1 - 2 - 3 ods-enforcer zone list Database set to: opendnssec No zones in database. zone list completed in 0 seconds. Keys are still in the HSM. I need to keep the KSK at minimum the ZSK and RRSIG records can be re-generated. Regards — David Peall
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
