OpenDNSSEC 2.1.9

Version 2.1.9 of OpenDNSSEC has been released on 2021-05-03.


This release contains two changes that avoid some problems with certain HSM configuration, one of them is SoftHSMv2 in database back-end mode.
This can lead to temporarily not being able to sign zones, hence upgrading is really recommended.
It does not occur on all systems and configurations though.


  • OPENDNSSEC-955: Prevent concurrency between certain valid PKCS#11 HSM operations to avoid some keys to be (transiently) unavailable.
  • OPENDNSSEC-956: Harden signing procedure to still sign zones for which there are unused keys specified in the zone which are unavailable.


Comments are closed.