searching for this stuff kind of sucks

After apcupsd turned my computer off and it came back up, I was getting:

knotd[8431]: error: [thebackupbox.net.] zone event 'load' failed (missing active KSK or ZSK)

in my error logs.

My first thought was that the file was missing, or that the permissions were wrong.

There /was/ a lot of wrong permissions on those files, but changing them didn't help anything.

I also had a bunch of unused files scattered in /var/lib/knot.

Also not what cause causing that error.

After looking at everything in knotc, I found there was at least one other program that shipped with knotd that I could try to use.

The name seemed like it would be a likely place to fix bugs related to keys.

"keymgr"

There was another zone that was having the same error, so I tested a bunch of dumb stuff on that, and ended up causing new keys to be generated for it.

But it started loading the old keys too after I just, told keymgr to import the key it already knew about, from the file it had sitting around already.

So I did that for thebackupbox.net and it started working right. So.. what I did was:

# keymgr thebackupbox.net list
8dafd9bff4e536403e1f1739f8b565db8aab6cbf 64741 KSK ECDSAP256SHA256 created=1611969695 publish=1611969695 ready=1611969695 active=1611971972
4dd5fa87c0d7008035e2fb560a8e8b05eaf866e3   284 ZSK ECDSAP256SHA256 created=1744471988 publish=1746581595 active=1746581595
# cd /var/lib/knot/keys/keys
# keymgr thebackupbox.net import-pem ./8dafd9bff4e536403e1f1739f8b565db8aab6cbf.pem ksk=true algorithm=ECDSAP256SHA256 created=1611969695 publish=1611969695 ready=1611969695 active=1611971972
# keymgr thebackupbox.net import-pem ./4dd5fa87c0d7008035e2fb560a8e8b05eaf866e3.pem ksk=false algorithm=ECDSAP256SHA256 created=1744471988

and... I might have told it to zone-sign with knotc? I don't remember. >_> probably should have done it automatically anyway.