converting from opendnssec/openhsm?
Jan-Piet Mens
list at mens.de
Fri Jan 27 18:51:48 UTC 2023
>What is possible is to have BIND use PKCS#11 to use the keys stored in SoftHSM.
I should have added that a key rollover is possible from one to another. The
basic idea is to create new keypairs in BIND (dnssec-keygen) and then import
them key into SoftHSM for a rollover in OpenDNSSEC. Once that has completed,
the zone can be migrated from the latter to the former.
(requires many amounts of <favorite strong beverage>)
-JP
More information about the bind-users
mailing list