[Opendnssec-user] Export Import

Discussion:

[Opendnssec-user] Export Import

Luciano Minuchin

2017-10-11 19:45:32 UTC

Hi, I want to ask a question about Export and Import KEYs
Generate a KSK key on a server with Opendnssec + Softhsm.

Export the KSK:
softhsm --slot 0 --pin 1234 --id bcd465b8c1bcd328ff3ae3e4ba5201d9 --export
zsk.pem

Import KSK in other server:
softhsm --import ksk.pem --slot 0 --label "My key" --id
bcd465b8c1bcd328ff3ae3e4ba5201d9 --pin 1234 --force

But when doing ods-ksmutil key list -v in the import server I do not see
the new KSK.

Can you help me?

.

Yuri Schaeffer

2017-10-12 09:07:54 UTC

Post by Luciano Minuchin
But when doing ods-ksmutil key list -v in the import server I do not see
the new KSK.

After the softhsm commands the key is only imported in the HSM.
OpenDNSSEC doesn't know it so you need to do a ksmutil key import first
to add it to your database.

More information here:
https://wiki.opendnssec.org/display/DOCS/Migrating+to+OpenDNSSEC#MigratingtoOpenDNSSEC-AddthekeystoOpenDNSSEC

//Yuri

1 Reply
1 View
Permalink to this page
Disable enhanced parsing

Thread Navigation

Luciano Minuchin 2017-10-11 19:45:32 UTC

Yuri Schaeffer 2017-10-12 09:07:54 UTC

about - legalese

Loading...