On 13-11-17 08:30, Dennis Baaten wrote: >> I find it also strange that these dates are all in the past, and nothing > seems to be happening. It gives me the feeling that ODS is not working. > > My ODS implementation is based on input and output files. In order to check > whether ODS is working, I checked the date that the signed zone files were > last updated. I discovered that all zone files are last updated after the > execution of 'ods-migrate'. > > -rw-r--r-- 1 opendnssec opendnssec 17526 Nov 3 11:14 db_signed.xxx > -rw-r--r-- 1 opendnssec opendnssec 12415 Nov 3 11:14 db_signed.xxx > -rw-r--r-- 1 opendnssec opendnssec 12642 Nov 3 11:14 > db_signed.dennisbaaten.com > -rw-r--r-- 1 opendnssec opendnssec 10192 Nov 3 11:14 db_signed.xxx > -rw-r--r-- 1 opendnssec opendnssec 11403 Nov 3 11:14 db_signed.xxx > -rw-r--r-- 1 opendnssec opendnssec 33545 Nov 3 11:14 db_signed.xxx > -rw-r--r-- 1 opendnssec opendnssec 12716 Nov 3 11:14 db_signed.xxx > >>From my perspective this confirms that the manual rollover I performed for > dennisbaaten.com (which as approx. 1 day after 'ods-migrate') was not > executed at all, since no changes have been made to the zone file.
That timestamp indeed seems strange. If a rollover would have happened I would expect that value to be updated. Is the signer running? - what is it logging? If you want I can take a look at your setup to make sure everything is in order. Can you provide me with the following details: - output of: ods-enforcer key list -d - output of: ods-enforcer queue - timestamp on signconf of dennisbaaten.com off list: - signconf of dennisbaaten.com - kasp.db //Yuri
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
