Commit 8d307467 authored by Evan Hunt

Doc the "managed-keys.bind" and "managed-keys.bind.jnl" file. [rt20235]

parent d2a8d002
2725. [doc] Added information about the file "managed-keys.bind"
to the ARM. [RT #20235]
2724. [bug] Updates to a existing node in secure zone using NSEC
were failing. [RT #20448]
<!-- File: $Id: Bv9ARM-book.xml,v 1.437 2009/10/16 02:59:41 each Exp $ -->
<!-- File: $Id: Bv9ARM-book.xml,v 1.438 2009/10/22 02:04:07 each Exp $ -->
<book xmlns:xi="">
<title>BIND 9 Administrator Reference Manual</title>
......@@ -9232,6 +9232,21 @@ deny-answer-aliases { ""; };
<command>managed-keys</command> may only be set at the top
level of <filename>named.conf</filename>, not within a view.
In the current implementation, the managed keys database is
stored as a master-format zone file called
<filename>managed-keys.bind</filename>. When the key database
is changed, the zone is updated. As with any other dynamic
zone, changes will be written into a journal file,
<filename>managed-keys.bind.jnl</filename>. They are committed
to the master file as soon as possible afterward; in the case
of the managed key database, this will usually occur within 30
seconds. So, whenever <command>named</command> is using
automatic key maintenace, those two files can be expected to
exist in the working directory. (For this reason among others,
the working directory should be always be writable by
If the <command>dnssec-lookaside</command> option is
set to <userinput>auto</userinput>, <command>named</command>
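Review bot: The added paragraph has two wording errors: "automatic key maintenace" should read "automatic key maintenance", and "should be always be writable" has a duplicated "be" (suggest "should always be writable"). As shown here, the parenthetical that opens at "(For this reason among others," stops at "writable by" before the dnssec-lookaside paragraph resumes, so confirm the committed text finishes the sentence and closes the parenthesis. Because the paragraph tells operators to keep the working directory writable, consider stating which account needs that write access and that it should not extend to other users, since managed-keys.bind holds the trust anchors named relies on.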
