sign.sh 884 Bytes
Newer Older
1 2
#!/bin/sh -e
#
3
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
Mark Andrews's avatar
Mark Andrews committed
4
#
5 6 7
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 9 10
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
11

12 13
set -e

14
. ../../conf.sh
15 16 17 18 19

zone=.
infile=root.db.in
zonefile=root.db

20 21 22
key1=$($KEYGEN -q -a ECDSAP256SHA256 -n zone "$zone")
key2=$($KEYGEN -q -a ECDSAP384SHA384 -n zone -f KSK "$zone")
$DSFROMKEY -a sha-384 "$key2.key" > dsset-384
23

24
cat "$infile" "$key1.key" "$key2.key" > $zonefile
25

26
$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err
27

28
# Configure the resolving server with a static key.
29
keyfile_to_static_ds "$key1" > trusted.conf
30
cp trusted.conf ../ns2/trusted.conf