Misleading (or inaccurate) message during import-pkcs11
If a zone is defined in Knot's configuration, but is not configured with dnssec-signing: on
, keymgr
emits a diagnostic message which, while correct, is not really helpful in diagnosing the problem.
$ preload keymgr . import-pkcs11 ea56bd06575e1315c33ed341e956c476 algorithm=rsasha256 ksk=yes zsk=no
error: not exists
This is likely a case of the code returning KNOT_ENOENT
without clarifying what the issue is.
It would be very helpful to be told exactly what doesn't exist (the zone, missing config, etc.)
knotd (Knot DNS), version 3.2.5