doc/arm/man.dnssec-revoke.html

	man.dnssec-revoke.html revision 14a656f94b1fd0ababd84a772228dfa52276ba15
bcb4e51a409d94ae670de96afb8483a4f7855294Stephan Bosch<!--
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen - Copyright (C) 2000-2003 Internet Software Consortium.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen -
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen - Permission to use, copy, modify, and/or distribute this software for any
9ddd3d7d8651985e373a6c48e0ddc76b8a4ef1c7Timo Sirainen - purpose with or without fee is hereby granted, provided that the above
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen - copyright notice and this permission notice appear in all copies.
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen -
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
bdd36cfdba3ff66d25570a9ff568d69e1eb543cfTimo Sirainen - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
7a60e1dc9e93ef3f7c7fe1af6385a0bfa1e31bc3Timo Sirainen - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen - PERFORMANCE OF THIS SOFTWARE.
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen-->
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen<html>
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen<head>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen<title>dnssec-revoke</title>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
9ddd3d7d8651985e373a6c48e0ddc76b8a4ef1c7Timo Sirainen<link rel="prev" href="man.dnssec-keygen.html" title="dnssec-keygen">
9ddd3d7d8651985e373a6c48e0ddc76b8a4ef1c7Timo Sirainen<link rel="next" href="man.dnssec-settime.html" title="dnssec-settime">
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen</head>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<div class="navheader">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<table width="100%" summary="Navigation header">
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen<tr><th colspan="3" align="center"><span class="application">dnssec-revoke</span></th></tr>
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen<tr>
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen<td width="20%" align="left">
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen<a accesskey="p" href="man.dnssec-keygen.html">Prev</a>�</td>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen<th width="60%" align="center">Manual pages</th>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen</td>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</tr>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen</table>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<hr>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen</div>
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen<div class="refentry">
efe78d3ba24fc866af1c79b9223dc0809ba26cadStephan Bosch<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen  <div class="refnamediv">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<h2>Name</h2>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen<p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    <span class="application">dnssec-revoke</span>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen     &#8212; Set the REVOKED bit on a DNSSEC key
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen  </p>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen</div>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen  <div class="refsynopsisdiv">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<h2>Synopsis</h2>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    <div class="cmdsynopsis"><p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen      <code class="command">dnssec-revoke</code>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen       [<code class="option">-hr</code>]
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen       [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen       [<code class="option">-V</code>]
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen       [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen       [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>]
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen       [<code class="option">-f</code>]
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen       [<code class="option">-R</code>]
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen       {keyfile}
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    </p></div>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen  </div>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen  <div class="refsection">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<a name="id-1.14.11.7"></a><h2>DESCRIPTION</h2>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    <p><span class="command"><strong>dnssec-revoke</strong></span>
9261dbf0675204898c6557591c7aa376e23a52b2Timo Sirainen      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
9261dbf0675204898c6557591c7aa376e23a52b2Timo Sirainen      in RFC 5011, and creates a new pair of key files containing the
9261dbf0675204898c6557591c7aa376e23a52b2Timo Sirainen      now-revoked key.
9261dbf0675204898c6557591c7aa376e23a52b2Timo Sirainen    </p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen  </div>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen  <div class="refsection">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<a name="id-1.14.11.8"></a><h2>OPTIONS</h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    <div class="variablelist"><dl class="variablelist">
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen<dt><span class="term">-h</span></dt>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen<dd>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen      <p>
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen        Emit usage message and exit.
9261dbf0675204898c6557591c7aa376e23a52b2Timo Sirainen      </p>
9261dbf0675204898c6557591c7aa376e23a52b2Timo Sirainen        </dd>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen<dd>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen          <p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            Sets the directory in which the key files are to reside.
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen          </p>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen        </dd>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen<dt><span class="term">-r</span></dt>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen<dd>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen      <p>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        After writing the new keyset files remove the original keyset
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        files.
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen      </p>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        </dd>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen<dd>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen          <p>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen            Sets the debugging level.
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen          </p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        </dd>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen<dt><span class="term">-V</span></dt>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<dd>
e2ae85924b0ef1a7c97e021a3b901b498f599c18Timo Sirainen      <p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        Prints version information.
e2ae85924b0ef1a7c97e021a3b901b498f599c18Timo Sirainen      </p>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        </dd>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen<dd>
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen          <p>
e2ae85924b0ef1a7c97e021a3b901b498f599c18Timo Sirainen            Specifies the cryptographic hardware to use, when applicable.
0d1b8b6bec79746c5d89d57dd8c1688946bd9237Josef 'Jeff' Sipek          </p>
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen          <p>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            When BIND is built with OpenSSL PKCS#11 support, this defaults
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            to the string "pkcs11", which identifies an OpenSSL engine
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen            that can drive a cryptographic accelerator or hardware service
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen            module.  When BIND is built with native PKCS#11 cryptography
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen            (--enable-native-pkcs11), it defaults to the path of the PKCS#11
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            provider library specified via "--with-pkcs11".
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen          </p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        </dd>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<dt><span class="term">-f</span></dt>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<dd>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen          <p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            Force overwrite: Causes <span class="command"><strong>dnssec-revoke</strong></span> to
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            write the new key pair even if a file already exists matching
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            the algorithm and key ID of the revoked key.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen          </p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        </dd>
9261dbf0675204898c6557591c7aa376e23a52b2Timo Sirainen<dt><span class="term">-R</span></dt>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<dd>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen          <p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        Print the key tag of the key with the REVOKE bit set but do
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        not revoke the key.
a75d470c9223a75801418fcdda258885c36317e0Timo Sirainen          </p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        </dd>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</dl></div>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen  </div>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen  <div class="refsection">
a75d470c9223a75801418fcdda258885c36317e0Timo Sirainen<a name="id-1.14.11.9"></a><h2>SEE ALSO</h2>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    <p><span class="citerefentry">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        <span class="refentrytitle">dnssec-keygen</span>(8)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen      </span>,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen      <em class="citetitle">RFC 5011</em>.
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    </p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen  </div>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</div>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<div class="navfooter">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<hr>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<table width="100%" summary="Navigation footer">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<tr>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<td width="40%" align="left">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<a accesskey="p" href="man.dnssec-keygen.html">Prev</a>�</td>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</td>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</tr>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<tr>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<td width="40%" align="left" valign="top">
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<span class="application">dnssec-keygen</span>�</td>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<td width="40%" align="right" valign="top">�<span class="application">dnssec-settime</span>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</td>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</tr>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</table>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</div>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.0pre-alpha</p>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</body>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen</html>
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen