d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews<html lang="en">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<head>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<title>dnssec-revoke</title>

fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">

14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">

cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">

7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<link rel="prev" href="man.dnssec-keymgr.html" title="dnssec-keymgr">

0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<link rel="next" href="man.dnssec-settime.html" title="dnssec-settime">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</head>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<div class="navheader">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<table width="100%" summary="Navigation header">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<tr><th colspan="3" align="center"><span class="application">dnssec-revoke</span></th></tr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<tr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<td width="20%" align="left">

7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<a accesskey="p" href="man.dnssec-keymgr.html">Prev</a>�</td>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<th width="60%" align="center">Manual pages</th>

0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</td>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</tr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</table>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<hr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</div>

fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<div class="refentry">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<a name="man.dnssec-revoke"></a><div class="titlepage"></div>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <div class="refnamediv">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<h2>Name</h2>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <span class="application">dnssec-revoke</span>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User &#8212; set the REVOKED bit on a DNSSEC key

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</div>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <div class="refsynopsisdiv">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<h2>Synopsis</h2>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <div class="cmdsynopsis"><p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <code class="command">dnssec-revoke</code>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-hr</code>]

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-V</code>]

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>]

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-f</code>]

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User [<code class="option">-R</code>]

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User {keyfile}

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p></div>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </div>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <div class="refsection">

7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<a name="id-1.14.14.7"></a><h2>DESCRIPTION</h2>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p><span class="command"><strong>dnssec-revoke</strong></span>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt reads a DNSSEC key file, sets the REVOKED bit on the key as defined

fd0b768f4c23d22c89f8a156a632831583b7fb68Automatic Updater in RFC 5011, and creates a new pair of key files containing the

fd0b768f4c23d22c89f8a156a632831583b7fb68Automatic Updater now-revoked key.

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </div>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <div class="refsection">

7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<a name="id-1.14.14.8"></a><h2>OPTIONS</h2>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <div class="variablelist"><dl class="variablelist">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<dt><span class="term">-h</span></dt>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<dd>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt Emit usage message and exit.

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </dd>

0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<dd>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt Sets the directory in which the key files are to reside.

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </dd>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<dt><span class="term">-r</span></dt>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<dd>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt After writing the new keyset files remove the original keyset

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt files.

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </dd>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<dd>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt Sets the debugging level.

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </dd>

6f1205897504b8f50b1785975482c995888dd630Tinderbox User<dt><span class="term">-V</span></dt>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<dd>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

6f1205897504b8f50b1785975482c995888dd630Tinderbox User Prints version information.

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </dd>

8ec3c085233cedb22b05da36e2773c8f357a7e45Automatic Updater<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User<dd>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User Specifies the cryptographic hardware to use, when applicable.

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User When BIND is built with OpenSSL PKCS#11 support, this defaults

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User to the string "pkcs11", which identifies an OpenSSL engine

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User that can drive a cryptographic accelerator or hardware service

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User module. When BIND is built with native PKCS#11 cryptography

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User (--enable-native-pkcs11), it defaults to the path of the PKCS#11

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User provider library specified via "--with-pkcs11".

6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </dd>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<dt><span class="term">-f</span></dt>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<dd>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Force overwrite: Causes <span class="command"><strong>dnssec-revoke</strong></span> to

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt write the new key pair even if a file already exists matching

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt the algorithm and key ID of the revoked key.

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </dd>

12bfbed87cfffa65ac300b72c5665ab38a355c2fAutomatic Updater<dt><span class="term">-R</span></dt>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User<dd>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p>

12bfbed87cfffa65ac300b72c5665ab38a355c2fAutomatic Updater Print the key tag of the key with the REVOKE bit set but do

12bfbed87cfffa65ac300b72c5665ab38a355c2fAutomatic Updater not revoke the key.

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </dd>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</dl></div>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </div>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <div class="refsection">

7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<a name="id-1.14.14.9"></a><h2>SEE ALSO</h2>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <p><span class="citerefentry">

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <span class="refentrytitle">dnssec-keygen</span>(8)

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </span>,

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt <em class="citetitle">BIND 9 Administrator Reference Manual</em>,

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt <em class="citetitle">RFC 5011</em>.

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt </p>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </div>

7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</div>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<div class="navfooter">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<hr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<table width="100%" summary="Navigation footer">

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<tr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<td width="40%" align="left">

7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<a accesskey="p" href="man.dnssec-keymgr.html">Prev</a>�</td>

cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>

0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</td>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</tr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<tr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<td width="40%" align="left" valign="top">

7e71f05d8643aca84914437c900cb716444507e4Tinderbox User<span class="application">dnssec-keymgr</span>�</td>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>

0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater<td width="40%" align="right" valign="top">�<span class="application">dnssec-settime</span>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</td>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</tr>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</table>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</div>

c313914d0e66b20969215e519bbf2ab4ecf39512Tinderbox User<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.3 (Extended Support Version)</p>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</body>

1bc5499c2a0fc5d2b11849e97cdd6305a64eb242Evan Hunt</html>