man.dnssec-revoke.html 5.59 KB
Newer Older
Tinderbox User's avatar
Tinderbox User committed
1 2
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
Tinderbox User's avatar
Tinderbox User committed
3
 - Copyright (C) 2000-2019 Internet Systems Consortium, Inc. ("ISC")
Tinderbox User's avatar
Tinderbox User committed
4 5 6 7 8 9 10 11 12 13 14
 - 
 - This Source Code Form is subject to the terms of the Mozilla Public
 - License, v. 2.0. If a copy of the MPL was not distributed with this
 - file, You can obtain one at http://mozilla.org/MPL/2.0/.
-->
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>dnssec-revoke</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
15
<link rel="up" href="Bv9ARM.ch12.html" title="Manual pages">
Tinderbox User's avatar
Tinderbox User committed
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65
<link rel="prev" href="man.dnssec-keymgr.html" title="dnssec-keymgr">
<link rel="next" href="man.dnssec-settime.html" title="dnssec-settime">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center"><span class="application">dnssec-revoke</span></th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="man.dnssec-keymgr.html">Prev</a></td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right"><a accesskey="n" href="man.dnssec-settime.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="refentry">
<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
  
  

  

  <div class="refnamediv">
<h2>Name</h2>
<p>
    <span class="application">dnssec-revoke</span>
     &#8212; set the REVOKED bit on a DNSSEC key
  </p>
</div>

  

  <div class="refsynopsisdiv">
<h2>Synopsis</h2>
    <div class="cmdsynopsis"><p>
      <code class="command">dnssec-revoke</code> 
       [<code class="option">-hr</code>]
       [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]
       [<code class="option">-V</code>]
       [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]
       [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>]
       [<code class="option">-f</code>]
       [<code class="option">-R</code>]
       {keyfile}
    </p></div>
  </div>

  <div class="refsection">
Evan Hunt's avatar
Evan Hunt committed
66
<a name="id-1.13.14.7"></a><h2>DESCRIPTION</h2>
Tinderbox User's avatar
Tinderbox User committed
67 68 69 70 71 72 73 74 75

    <p><span class="command"><strong>dnssec-revoke</strong></span>
      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
      in RFC 5011, and creates a new pair of key files containing the
      now-revoked key.
    </p>
  </div>

  <div class="refsection">
Evan Hunt's avatar
Evan Hunt committed
76
<a name="id-1.13.14.8"></a><h2>OPTIONS</h2>
Tinderbox User's avatar
Tinderbox User committed
77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143


    <div class="variablelist"><dl class="variablelist">
<dt><span class="term">-h</span></dt>
<dd>
	  <p>
	    Emit usage message and exit.
	  </p>
        </dd>
<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
<dd>
          <p>
            Sets the directory in which the key files are to reside.
          </p>
        </dd>
<dt><span class="term">-r</span></dt>
<dd>
	  <p>
	    After writing the new keyset files remove the original keyset
	    files.
	  </p>
        </dd>
<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
<dd>
          <p>
            Sets the debugging level.
          </p>
        </dd>
<dt><span class="term">-V</span></dt>
<dd>
	  <p>
	    Prints version information.
	  </p>
        </dd>
<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
<dd>
          <p>
            Specifies the cryptographic hardware to use, when applicable.
          </p>
          <p>
            When BIND is built with OpenSSL PKCS#11 support, this defaults
            to the string "pkcs11", which identifies an OpenSSL engine
            that can drive a cryptographic accelerator or hardware service
            module.  When BIND is built with native PKCS#11 cryptography
            (--enable-native-pkcs11), it defaults to the path of the PKCS#11
            provider library specified via "--with-pkcs11".
          </p>
        </dd>
<dt><span class="term">-f</span></dt>
<dd>
          <p>
            Force overwrite: Causes <span class="command"><strong>dnssec-revoke</strong></span> to
            write the new key pair even if a file already exists matching
            the algorithm and key ID of the revoked key.
          </p>
        </dd>
<dt><span class="term">-R</span></dt>
<dd>
          <p>
	    Print the key tag of the key with the REVOKE bit set but do
	    not revoke the key.
          </p>
        </dd>
</dl></div>
  </div>

  <div class="refsection">
Evan Hunt's avatar
Evan Hunt committed
144
<a name="id-1.13.14.9"></a><h2>SEE ALSO</h2>
Tinderbox User's avatar
Tinderbox User committed
145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160

    <p><span class="citerefentry">
        <span class="refentrytitle">dnssec-keygen</span>(8)
      </span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
      <em class="citetitle">RFC 5011</em>.
    </p>
  </div>

</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="man.dnssec-keymgr.html">Prev</a></td>
161
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch12.html">Up</a></td>
Tinderbox User's avatar
Tinderbox User committed
162 163 164 165 166 167 168 169 170 171 172 173
<td width="40%" align="right"><a accesskey="n" href="man.dnssec-settime.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">
<span class="application">dnssec-keymgr</span></td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"><span class="application">dnssec-settime</span>
</td>
</tr>
</table>
</div>
Tinderbox User's avatar
Tinderbox User committed
174
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.12.4-P1</p>
Tinderbox User's avatar
Tinderbox User committed
175 176
</body>
</html>