Hello,

It seems Like I have a bug on opendnssec-1.4.13-1.el7.x86_64.

Sometimes a zone sign fails and the next message appears in the log.


Aug  7 14:09:04 ns04 ods-signerd: [hsm] C_GetAttributeValue:
CKR_OBJECT_HANDLE_INVALID
Aug  7 14:09:04 ns04 ods-signerd: [hsm] unable to get key: hsm failed to
create dnskey
Aug  7 14:09:04 ns04 ods-signerd: [zone] unable to publish dnskeys for
zone $zone : error creating dnskey
Aug  7 14:09:04 ns04 ods-signerd: [tools] unable to read zone $zone:
failed to publish dnskeys (General error)
Aug  7 14:09:04 ns04 ods-signerd: [worker[2]] CRITICAL: failed to sign
zone $zone : General error
Aug  7 14:09:04 ns04 ods-signerd: [worker[2]] backoff task [read] for
zone $zone  with 3600 seconds

After a restart of ods-signerd the problem disappears.

Does anybody experience the same behavoir ?
--
Met vriendelijke groet,
Maurice Mahieu
system engineer
***@info.nl <mailto:***@info.nl>  | LinkedIn
<http://www.linkedin.com/in/maurice-mahieu-224a1821>  | +31 (0)20 530
9111 <tel:+31205309111>
info.nl <http://www.info.nl>
Sint Antoniesbreestraat 16  |  1011 HB Amsterdam  | +31 (0)20 530 9100
<tel:+31205309100>