bin/dnssec/dnssec-importkey.docbook

	dnssec-importkey.docbook revision 0c91911b4d1e872b87eaf6431ed47fe24d18dd43
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek               "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek               [<!ENTITY mdash "&#8212;">]>
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek<!--
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - Copyright (C) 2009-2011  Internet Systems Consortium, Inc. ("ISC")
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek -
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - Permission to use, copy, modify, and/or distribute this software for any
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - purpose with or without fee is hereby granted, provided that the above
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - copyright notice and this permission notice appear in all copies.
c9d493281d321023543bf423ae10ecd821247a31Yu Watanabe -
fd5ab841e7582342b23c9c08ba24ce0cca266690Marius Tessmann - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
d70698b7e612bad2a45ad5facf9882326ab0f690Yu Watanabe - PERFORMANCE OF THIS SOFTWARE.
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek-->
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek
c2fc2c2560f0ca0fab383753c065e45d76f465e5Lennart Poettering<!-- $Id: dnssec-importkey.docbook,v 1.15 2011/11/03 20:21:37 each Exp $ -->
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek<refentry id="man.dnssec-importkey">
de45d726034f33afdb0a185e62fc61bf10a0acd2Lennart Poettering  <refentryinfo>
de45d726034f33afdb0a185e62fc61bf10a0acd2Lennart Poettering    <date>August 30, 2013</date>
de45d726034f33afdb0a185e62fc61bf10a0acd2Lennart Poettering  </refentryinfo>
de45d726034f33afdb0a185e62fc61bf10a0acd2Lennart Poettering
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek  <refmeta>
ad95fd1d2b9c6344864857c2ba7634fd87753f8eZbigniew Jędrzejewski-Szmek    <refentrytitle><application>dnssec-importkey</application></refentrytitle>
    <manvolnum>8</manvolnum>
    <refmiscinfo>BIND9</refmiscinfo>
  </refmeta>

  <refnamediv>
    <refname><application>dnssec-importkey</application></refname>
    <refpurpose>Import DNSKEY records from external systems so they can be managed.</refpurpose>
  </refnamediv>

  <docinfo>
    <copyright>
      <year>2013</year>
      <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
    </copyright>
  </docinfo>

  <refsynopsisdiv>
    <cmdsynopsis>
      <command>dnssec-importkey</command>
      <arg><option>-f <replaceable class="parameter">filename</replaceable></option></arg>
      <arg><option>-K <replaceable class="parameter">directory</replaceable></option></arg>
      <arg><option>-P <replaceable class="parameter">date/offset</replaceable></option></arg>
      <arg><option>-D <replaceable class="parameter">date/offset</replaceable></option></arg>
      <arg><option>-h</option></arg>
      <arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
      <arg><option>keyname</option></arg>
    </cmdsynopsis>
  </refsynopsisdiv>

  <refsect1>
    <title>DESCRIPTION</title>
    <para><command>dnssec-importkey</command>
      read a DNSKEY record and generated a .key/.private key pair.
      Publication (<option>-P</option>) and deletions (<option>-D</option>)
      times can be set for the key.
    </para>
  </refsect1>

  <refsect1>
    <title>OPTIONS</title>

    <variablelist>
      <varlistentry>
    <term>-f <replaceable class="parameter">filename</replaceable></term>
        <listitem>
      <para>
        Filename to read the key from.
      </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-K <replaceable class="parameter">directory</replaceable></term>
        <listitem>
          <para>
            Sets the directory in which the key files are to reside.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-L <replaceable class="parameter">ttl</replaceable></term>
        <listitem>
          <para>
            Sets the default TTL to use for this key when it is converted
            into a DNSKEY RR.  If the key is imported into a zone,
            this is the TTL that will be used for it, unless there was
            already a DNSKEY RRset in place, in which case the existing TTL
            would take precedence.  importkey the default TTL to
            <literal>0</literal> or <literal>none</literal> removes it.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
    <term>-h</term>
        <listitem>
      <para>
        Emit usage message and exit.
      </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-v <replaceable class="parameter">level</replaceable></term>
        <listitem>
          <para>
            Sets the debugging level.
          </para>
        </listitem>
      </varlistentry>

    </variablelist>
  </refsect1>

  <refsect1>
    <title>TIMING OPTIONS</title>
    <para>
      Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
      If the argument begins with a '+' or '-', it is interpreted as
      an offset from the present time.  For convenience, if such an offset
      is followed by one of the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi',
      then the offset is computed in years (defined as 365 24-hour days,
      ignoring leap years), months (defined as 30 24-hour days), weeks,
      days, hours, or minutes, respectively.  Without a suffix, the offset
      is computed in seconds.  To unset a date, use 'none'.
    </para>

    <variablelist>
      <varlistentry>
        <term>-P <replaceable class="parameter">date/offset</replaceable></term>
        <listitem>
          <para>
            Sets the date on which a key is to be published to the zone.
            After that date, the key will be included in the zone but will
            not be used to sign it.
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term>-D <replaceable class="parameter">date/offset</replaceable></term>
        <listitem>
          <para>
            Sets the date on which the key is to be deleted.  After that
            date, the key will no longer be included in the zone.  (It
            may remain in the key repository, however.)
          </para>
        </listitem>
      </varlistentry>

    </variablelist>
  </refsect1>

  <refsect1>
    <title>SEE ALSO</title>
    <para><citerefentry>
        <refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>
      </citerefentry>,
      <citerefentry>
        <refentrytitle>dnssec-signzone</refentrytitle><manvolnum>8</manvolnum>
      </citerefentry>,
      <citetitle>BIND 9 Administrator Reference Manual</citetitle>,
      <citetitle>RFC 5011</citetitle>.
    </para>
  </refsect1>

  <refsect1>
    <title>AUTHOR</title>
    <para><corpauthor>Internet Systems Consortium</corpauthor>
    </para>
  </refsect1>

</refentry><!--
 - Local variables:
 - mode: sgml
 - End:
-->