Discussion:
[Opendnssec-user] KSK Rolloverdate in opendnssec2
Gerhard Schmidt
2018-06-11 06:28:40 UTC
Permalink
HI,

I'm using opendnssec 1.4 at work and opendnssec 2 on a club site.
opendnssec reports the next transition date for each key separately

x.de KSK active 2020-01-26 12:04:17
x.de ZSK active 2018-07-10 03:06:01

so i can see when i have to rollover the KSK as that has to be done
manually.

opendnssec2 reports for all keys the same date
y.de KSK active 2018-06-20 02:23:05
y.de ZSK active 2018-06-20 02:23:05

how can i get the date of the KSK rollover ind ods2?

Regard
Estartu
Berry A.W. van Halderen
2018-06-11 09:18:19 UTC
Permalink
Post by Gerhard Schmidt
HI,
I'm using opendnssec 1.4 at work and opendnssec 2 on a club site.
opendnssec reports the next transition date for each key separately
x.de KSK active 2020-01-26 12:04:17
x.de ZSK active 2018-07-10 03:06:01
so i can see when i have to rollover the KSK as that has to be done
manually.
opendnssec2 reports for all keys the same date
y.de KSK active 2018-06-20 02:23:05
y.de ZSK active 2018-06-20 02:23:05
how can i get the date of the KSK rollover ind ods2?
There is the command:

ods-enforcer rollover list

Which will give the planned dates for the rollover. They might still
coincide of course. The key list command will indicate at which time
the enforcer will re-inspect the validity of the key lifetime. Hence
the column states the "next translation date" rather than the
rollover time.

With kind regards,
Berry van Halderen

Loading...