Uploaded image for project: 'Support'
  1. Support
  2. SUPPORT-174

ksm key-import doesn't support REVOKED keys

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: OpenDNSSEC 1.4.7
    • Fix Version/s: None
    • Component/s: Configuration
    • Labels:
      None
    • Environment:

      opendnssec 1.4.7/devel

      Description

      A small nit, after you kindly added the possibility to manually REVOKE keys: ksmutil key import doesn't allow me to set state = REVOKED upon import.

      ods-ksmutil key import --cka_id xxxx --repository nCthales --zone ma03 --bits 2048 --algorithm 8  --keystate revoke --keytype KSK --time 20200820111213
Error: Unrecognised state revoke; should be one of GENERATE, PUBLISH, READY, ACTIVE or RETIRE

      A workaround is to import as RETIRE and then manually revoke the key with ksk-revoke.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            jpmens Jan-Piet Mens
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: