dnssec-importkey.docbook revision 0c91911b4d1e872b87eaf6431ed47fe24d18dd43
012a352f4b26cfd874db8d06debc495c2303e8b2Bob Halley<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
178f6ad061e54bc5babfca3577f72058fa0797c1Bob Halley "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
50722c0d550a63d4a2b8f34e907b693a81d864e0Mark Andrews [<!ENTITY mdash "—">]>
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence - Copyright (C) 2009-2011 Internet Systems Consortium, Inc. ("ISC")
178f6ad061e54bc5babfca3577f72058fa0797c1Bob Halley - Permission to use, copy, modify, and/or distribute this software for any
178f6ad061e54bc5babfca3577f72058fa0797c1Bob Halley - purpose with or without fee is hereby granted, provided that the above
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence - copyright notice and this permission notice appear in all copies.
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
b897c52f865b2fc4e220e2110b874e59c716456bBob Halley - PERFORMANCE OF THIS SOFTWARE.
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley<!-- $Id: dnssec-importkey.docbook,v 1.15 2011/11/03 20:21:37 each Exp $ -->
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <refentryinfo>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley </refentryinfo>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <refentrytitle><application>dnssec-importkey</application></refentrytitle>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <refnamediv>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <refname><application>dnssec-importkey</application></refname>
b897c52f865b2fc4e220e2110b874e59c716456bBob Halley <refpurpose>Import DNSKEY records from external systems so they can be managed.</refpurpose>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence </refnamediv>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence <refsynopsisdiv>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence <cmdsynopsis>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence <arg><option>-f <replaceable class="parameter">filename</replaceable></option></arg>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence <arg><option>-K <replaceable class="parameter">directory</replaceable></option></arg>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <arg><option>-P <replaceable class="parameter">date/offset</replaceable></option></arg>
12e63bfe1d111ccb57f482b28d56c785cccc7cf7David Lawrence <arg><option>-D <replaceable class="parameter">date/offset</replaceable></option></arg>
12e63bfe1d111ccb57f482b28d56c785cccc7cf7David Lawrence <arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
dabea86dac4c01f852b7aea728f73b4f55a89d44Mark Andrews </cmdsynopsis>
dabea86dac4c01f852b7aea728f73b4f55a89d44Mark Andrews </refsynopsisdiv>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence read a DNSKEY record and generated a .key/.private key pair.
12e63bfe1d111ccb57f482b28d56c785cccc7cf7David Lawrence Publication (<option>-P</option>) and deletions (<option>-D</option>)
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence times can be set for the key.
12e63bfe1d111ccb57f482b28d56c785cccc7cf7David Lawrence <variablelist>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence <varlistentry>
12e63bfe1d111ccb57f482b28d56c785cccc7cf7David Lawrence <term>-f <replaceable class="parameter">filename</replaceable></term>
c32b87bc54abacf95fb3b063d72b7d1855c1643bMichael Graff Filename to read the key from.
12e63bfe1d111ccb57f482b28d56c785cccc7cf7David Lawrence </varlistentry>
12e63bfe1d111ccb57f482b28d56c785cccc7cf7David Lawrence <varlistentry>
460b427411b72da26b1836b9424e2e70d65d9394David Lawrence <term>-K <replaceable class="parameter">directory</replaceable></term>
c427260a8678f2e99a2337fb95ec98d9c9ee8c05Mark Andrews Sets the directory in which the key files are to reside.
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley </varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <term>-L <replaceable class="parameter">ttl</replaceable></term>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley Sets the default TTL to use for this key when it is converted
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley into a DNSKEY RR. If the key is imported into a zone,
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley this is the TTL that will be used for it, unless there was
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley already a DNSKEY RRset in place, in which case the existing TTL
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley would take precedence. importkey the default TTL to
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <literal>0</literal> or <literal>none</literal> removes it.
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley </varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley Emit usage message and exit.
0014d6342b0d50ae37126ac16d5bf821d02ffff7David Lawrence </varlistentry>
0014d6342b0d50ae37126ac16d5bf821d02ffff7David Lawrence <varlistentry>
0014d6342b0d50ae37126ac16d5bf821d02ffff7David Lawrence <term>-v <replaceable class="parameter">level</replaceable></term>
a9558a6c63d9c6dbb2f3800b39ccb008652fcde3Mark Andrews Sets the debugging level.
0014d6342b0d50ae37126ac16d5bf821d02ffff7David Lawrence </varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley </variablelist>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley If the argument begins with a '+' or '-', it is interpreted as
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley an offset from the present time. For convenience, if such an offset
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley is followed by one of the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi',
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley then the offset is computed in years (defined as 365 24-hour days,
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley ignoring leap years), months (defined as 30 24-hour days), weeks,
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley days, hours, or minutes, respectively. Without a suffix, the offset
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley is computed in seconds. To unset a date, use 'none'.
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <variablelist>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <term>-P <replaceable class="parameter">date/offset</replaceable></term>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley Sets the date on which a key is to be published to the zone.
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley After that date, the key will be included in the zone but will
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley not be used to sign it.
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley </varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley <term>-D <replaceable class="parameter">date/offset</replaceable></term>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley Sets the date on which the key is to be deleted. After that
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley date, the key will no longer be included in the zone. (It
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley may remain in the key repository, however.)
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley </varlistentry>
0b72c791466d0807bcf22522b5ddb7da902c2720Bob Halley </variablelist>