man.dnssec-revoke.html 5.61 KB
Newer Older
Tinderbox User's avatar
Tinderbox User committed
1 2
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
Tinderbox User's avatar
Tinderbox User committed
3
 - Copyright (C) 2000-2019 Internet Systems Consortium, Inc. ("ISC")
Tinderbox User's avatar
Tinderbox User committed
4 5 6 7 8 9 10 11 12
 - 
 - This Source Code Form is subject to the terms of the Mozilla Public
 - License, v. 2.0. If a copy of the MPL was not distributed with this
 - file, You can obtain one at http://mozilla.org/MPL/2.0/.
-->
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>dnssec-revoke</title>
Tinderbox User's avatar
Tinderbox User committed
13
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
Tinderbox User's avatar
Tinderbox User committed
14
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
15
<link rel="up" href="Bv9ARM.ch12.html" title="Manual pages">
Tinderbox User's avatar
Tinderbox User committed
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
<link rel="prev" href="man.dnssec-keymgr.html" title="dnssec-keymgr">
<link rel="next" href="man.dnssec-settime.html" title="dnssec-settime">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center"><span class="application">dnssec-revoke</span></th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="man.dnssec-keymgr.html">Prev</a></td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right"><a accesskey="n" href="man.dnssec-settime.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="refentry">
<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
Tinderbox User's avatar
Tinderbox User committed
35 36 37 38 39 40
  
  

  

  <div class="refnamediv">
Tinderbox User's avatar
Tinderbox User committed
41
<h2>Name</h2>
Tinderbox User's avatar
Tinderbox User committed
42 43 44 45
<p>
    <span class="application">dnssec-revoke</span>
     &#8212; set the REVOKED bit on a DNSSEC key
  </p>
Tinderbox User's avatar
Tinderbox User committed
46
</div>
Tinderbox User's avatar
Tinderbox User committed
47 48 49 50

  

  <div class="refsynopsisdiv">
Tinderbox User's avatar
Tinderbox User committed
51
<h2>Synopsis</h2>
Tinderbox User's avatar
Tinderbox User committed
52 53 54 55 56 57 58 59 60 61 62 63 64 65
    <div class="cmdsynopsis"><p>
      <code class="command">dnssec-revoke</code> 
       [<code class="option">-hr</code>]
       [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]
       [<code class="option">-V</code>]
       [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]
       [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>]
       [<code class="option">-f</code>]
       [<code class="option">-R</code>]
       {keyfile}
    </p></div>
  </div>

  <div class="refsection">
Tinderbox User's avatar
Tinderbox User committed
66
<a name="id-1.13.14.7"></a><h2>DESCRIPTION</h2>
Tinderbox User's avatar
Tinderbox User committed
67 68

    <p><span class="command"><strong>dnssec-revoke</strong></span>
Tinderbox User's avatar
Tinderbox User committed
69 70 71 72
      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
      in RFC 5011, and creates a new pair of key files containing the
      now-revoked key.
    </p>
Tinderbox User's avatar
Tinderbox User committed
73 74 75
  </div>

  <div class="refsection">
Tinderbox User's avatar
Tinderbox User committed
76
<a name="id-1.13.14.8"></a><h2>OPTIONS</h2>
Tinderbox User's avatar
Tinderbox User committed
77 78 79


    <div class="variablelist"><dl class="variablelist">
Tinderbox User's avatar
Tinderbox User committed
80
<dt><span class="term">-h</span></dt>
Tinderbox User's avatar
Tinderbox User committed
81 82
<dd>
	  <p>
Tinderbox User's avatar
Tinderbox User committed
83
	    Emit usage message and exit.
Tinderbox User's avatar
Tinderbox User committed
84 85
	  </p>
        </dd>
Tinderbox User's avatar
Tinderbox User committed
86
<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
87 88
<dd>
          <p>
Tinderbox User's avatar
Tinderbox User committed
89
            Sets the directory in which the key files are to reside.
Tinderbox User's avatar
Tinderbox User committed
90 91
          </p>
        </dd>
Tinderbox User's avatar
Tinderbox User committed
92
<dt><span class="term">-r</span></dt>
Tinderbox User's avatar
Tinderbox User committed
93 94
<dd>
	  <p>
Tinderbox User's avatar
Tinderbox User committed
95 96
	    After writing the new keyset files remove the original keyset
	    files.
Tinderbox User's avatar
Tinderbox User committed
97 98
	  </p>
        </dd>
Tinderbox User's avatar
Tinderbox User committed
99
<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
Tinderbox User's avatar
Tinderbox User committed
100 101
<dd>
          <p>
Tinderbox User's avatar
Tinderbox User committed
102
            Sets the debugging level.
Tinderbox User's avatar
Tinderbox User committed
103 104
          </p>
        </dd>
Tinderbox User's avatar
Tinderbox User committed
105
<dt><span class="term">-V</span></dt>
Tinderbox User's avatar
Tinderbox User committed
106 107
<dd>
	  <p>
Tinderbox User's avatar
Tinderbox User committed
108
	    Prints version information.
Tinderbox User's avatar
Tinderbox User committed
109 110
	  </p>
        </dd>
Tinderbox User's avatar
Tinderbox User committed
111 112
<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
<dd>
Tinderbox User's avatar
Tinderbox User committed
113
          <p>
Tinderbox User's avatar
Tinderbox User committed
114 115
            Specifies the cryptographic hardware to use, when applicable.
          </p>
Tinderbox User's avatar
Tinderbox User committed
116
          <p>
Tinderbox User's avatar
Tinderbox User committed
117 118 119 120 121 122 123
            When BIND is built with OpenSSL PKCS#11 support, this defaults
            to the string "pkcs11", which identifies an OpenSSL engine
            that can drive a cryptographic accelerator or hardware service
            module.  When BIND is built with native PKCS#11 cryptography
            (--enable-native-pkcs11), it defaults to the path of the PKCS#11
            provider library specified via "--with-pkcs11".
          </p>
Tinderbox User's avatar
Tinderbox User committed
124
        </dd>
Tinderbox User's avatar
Tinderbox User committed
125
<dt><span class="term">-f</span></dt>
Tinderbox User's avatar
Tinderbox User committed
126 127
<dd>
          <p>
Tinderbox User's avatar
Tinderbox User committed
128 129 130
            Force overwrite: Causes <span class="command"><strong>dnssec-revoke</strong></span> to
            write the new key pair even if a file already exists matching
            the algorithm and key ID of the revoked key.
Tinderbox User's avatar
Tinderbox User committed
131 132
          </p>
        </dd>
Tinderbox User's avatar
Tinderbox User committed
133
<dt><span class="term">-R</span></dt>
Tinderbox User's avatar
Tinderbox User committed
134 135
<dd>
          <p>
Tinderbox User's avatar
Tinderbox User committed
136 137
	    Print the key tag of the key with the REVOKE bit set but do
	    not revoke the key.
Tinderbox User's avatar
Tinderbox User committed
138 139
          </p>
        </dd>
Tinderbox User's avatar
Tinderbox User committed
140
</dl></div>
Tinderbox User's avatar
Tinderbox User committed
141 142 143
  </div>

  <div class="refsection">
Tinderbox User's avatar
Tinderbox User committed
144
<a name="id-1.13.14.9"></a><h2>SEE ALSO</h2>
Tinderbox User's avatar
Tinderbox User committed
145 146 147 148

    <p><span class="citerefentry">
        <span class="refentrytitle">dnssec-keygen</span>(8)
      </span>,
Tinderbox User's avatar
Tinderbox User committed
149 150 151
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
      <em class="citetitle">RFC 5011</em>.
    </p>
Tinderbox User's avatar
Tinderbox User committed
152 153
  </div>

Tinderbox User's avatar
Tinderbox User committed
154 155 156 157 158 159 160
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="man.dnssec-keymgr.html">Prev</a></td>
161
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch12.html">Up</a></td>
Tinderbox User's avatar
Tinderbox User committed
162 163 164 165 166 167 168 169 170 171 172 173
<td width="40%" align="right"><a accesskey="n" href="man.dnssec-settime.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">
<span class="application">dnssec-keymgr</span></td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"><span class="application">dnssec-settime</span>
</td>
</tr>
</table>
</div>
Tinderbox User's avatar
Tinderbox User committed
174
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.14.0 (Stable Release)</p>
Tinderbox User's avatar
Tinderbox User committed
175 176
</body>
</html>