regards,
--
*CS Catalin LEANCA*
ICI ROTLD - Serviciul Tehnic
Bd. Maresal Averescu 8-10,
Sector 1, Bucuresti
Mobil: +40 744 81
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
ance, />/ >> />/ >> Mathew Eis />/ >> Northern Arizona University />/ >> Information Technology Services />/ >> />/ > />/ >-- />/ >Mark Andrews, ISC />/ >1 Seymour St., Dundas Valley, NSW 2117, Australia />/ >PHONE: +61 2 9
Hello,
I have BIND 9.10 compiled with native PKCS#11 support and Thales nShield
Connect HSM.
The problem is with dnssec-keyfromlabel that is unable to generate key
pair from HSM.
First, the keys were generated in HSM using OpenDNSSEC.
The keys are correctly listed by following command:
$ sudo
Problem solved.
Manual helped: "If the label contains a pin-source field, tools using
the generated key files will be able to use
the HSM for signing and other operations without any need for an
operator to manually enter a
PIN."
Thank you !
On 08/04/15 19:21, Catalin Leanca wro
Hello,
It helps only for dnssec-keyfromlabel tool that accepts "-l" parameter,
but for dnssec-signzone i didn't find any reference. And the main problem
is automatically internal signing with "auto-dnssec".
On 08/04/15 18:21, Jeremy C. Reed wrote:
My question is about auto-dnssec feature that
automatically and i did't find a way to provide the PIN
throught configuration files ?
Best regards,
Catalin LEANCA
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-
6 matches
Mail list logo
